rpms
/
scap-security-guide
7
0
Fork 0
Code Issues Pull Requests Releases Activity
scap-security-guide/SOURCES/scap-security-guide-0.1.69-...

27684 lines
1.6 MiB
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 52d841098..34a8d287c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -71,6 +71,7 @@ option(SSG_PRODUCT_DEFAULT "If enabled, all default release products will be bui
# unless explicitly asked for.
option(SSG_PRODUCT_ALINUX2 "If enabled, the Alibaba Cloud Linux 2 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_ALINUX3 "If enabled, the Alibaba Cloud Linux 3 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
+option(SSG_PRODUCT_ALMALINUX9 "If enabled, the AlmaLinux 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_ANOLIS8 "If enabled, the Anolis OS 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_ANOLIS23 "If enabled, the Anolis OS 23 SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
option(SSG_PRODUCT_CHROMIUM "If enabled, the Chromium SCAP content will be built" ${SSG_PRODUCT_DEFAULT})
@@ -283,6 +284,7 @@ message(STATUS " ")
message(STATUS "Products:")
message(STATUS "Alibaba Cloud Linux 2: ${SSG_PRODUCT_ALINUX2}")
message(STATUS "Alibaba Cloud Linux 3: ${SSG_PRODUCT_ALINUX3}")
+message(STATUS "AlmaLinux 9: ${SSG_PRODUCT_ALMALINUX9}")
message(STATUS "Anolis OS 8: ${SSG_PRODUCT_ANOLIS8}")
message(STATUS "Anolis OS 23: ${SSG_PRODUCT_ANOLIS23}")
message(STATUS "Chromium: ${SSG_PRODUCT_CHROMIUM}")
@@ -349,6 +351,9 @@ endif()
if(SSG_PRODUCT_ALINUX3)
add_subdirectory("products/alinux3" "alinux3")
endif()
+if(SSG_PRODUCT_ALMALINUX9)
+ add_subdirectory("products/almalinux9" "almalinux9")
+endif()
if(SSG_PRODUCT_ANOLIS8)
add_subdirectory("products/anolis8" "anolis8")
endif()
diff --git a/build_product b/build_product
index ba8fb5d68..8924a3e5c 100755
--- a/build_product
+++ b/build_product
@@ -307,6 +307,7 @@ set_explict_build_targets() {
all_cmake_products=(
ALINUX2
ALINUX3
+ ALMALINUX9
ANOLIS8
ANOLIS23
CHROMIUM
diff --git a/components/rpm.yml b/components/rpm.yml
index 2b00bd908..5c0aa5b1e 100644
--- a/components/rpm.yml
+++ b/components/rpm.yml
@@ -17,6 +17,7 @@ rules:
- ensure_oracle_gpgkey_installed
- ensure_package_repositories_are_configured
- ensure_redhat_gpgkey_installed
+- ensure_almalinux_gpgkey_installed
- ensure_suse_gpgkey_installed
- package_dnf-automatic_installed
- package_gnome_software_installed
diff --git a/controls/anssi.yml b/controls/anssi.yml
index 35e111d11..6f813c160 100644
--- a/controls/anssi.yml
+++ b/controls/anssi.yml
@@ -1155,7 +1155,7 @@ controls:
- ensure_gpgcheck_never_disabled
- ensure_gpgcheck_globally_activated
- ensure_gpgcheck_local_packages
- - ensure_redhat_gpgkey_installed
+ - ensure_almalinux_gpgkey_installed
- ensure_oracle_gpgkey_installed
- id: R60
diff --git a/controls/cis_rhel8.yml b/controls/cis_rhel8.yml
index afa162a66..4584a123a 100644
--- a/controls/cis_rhel8.yml
+++ b/controls/cis_rhel8.yml
@@ -349,7 +349,7 @@ controls:
- l1_workstation
status: manual
related_rules:
- - ensure_redhat_gpgkey_installed
+ - ensure_almalinux_gpgkey_installed
- id: 1.2.3
title: Ensure gpgcheck is globally activated (Automated)
diff --git a/controls/cis_rhel9.yml b/controls/cis_rhel9.yml
index b97ce59ea..0fbb5ffe3 100644
--- a/controls/cis_rhel9.yml
+++ b/controls/cis_rhel9.yml
@@ -306,7 +306,7 @@ controls:
- l1_workstation
status: manual
related_rules:
- - ensure_redhat_gpgkey_installed
+ - ensure_almalinux_gpgkey_installed
- id: 1.2.2
title: Ensure gpgcheck is globally activated (Automated)
diff --git a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml
index 6d494547b..52b80a324 100644
--- a/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml
+++ b/controls/srg_gpos/SRG-OS-000366-GPOS-00153.yml
@@ -12,9 +12,6 @@ controls:
- ensure_gpgcheck_globally_activated
- ensure_gpgcheck_local_packages
- ensure_gpgcheck_never_disabled
- {{% if 'rhel' in product %}}
- - ensure_redhat_gpgkey_installed
- {{% endif %}}
- - ensure_oracle_gpgkey_installed
+ - ensure_almalinux_gpgkey_installed
status: automated
diff --git a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml
index e88bbf4ef..ade250973 100644
--- a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml
+++ b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi-autoipd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Uninstall avahi-autoipd Server Package'
diff --git a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml
index ae6e5f38f..2b5ea514b 100644
--- a/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml
+++ b/linux_os/guide/services/avahi/disable_avahi_group/package_avahi_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall avahi Server Package'
diff --git a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml
index 9994d5921..bf86a67aa 100644
--- a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml
+++ b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Avahi Server Software'
diff --git a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml
index dcf0885f1..cb14ee554 100644
--- a/linux_os/guide/services/base/service_cockpit_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_cockpit_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable Cockpit Management Server'
diff --git a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda
index 1f6a233ed..9f3a4d6b4 100644
--- a/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda
+++ b/linux_os/guide/services/base/service_kdump_disabled/anaconda/shared.anaconda
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
kdump --disable
diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
index 80fe7b688..5017c1c91 100644
--- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable KDump Kernel Crash Analyzer (kdump)'
diff --git a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml
index 2d3189bc1..e6295d3b6 100644
--- a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20
+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,uos20
title: 'Disable ntpdate Service (ntpdate)'
diff --git a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml
index ffa0e5d82..fd443c99e 100644
--- a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20
+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,uos20
title: 'Disable Odd Job Daemon (oddjobd)'
diff --git a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml
index 62bebd735..69e1d9202 100644
--- a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml
@@ -1,7 +1,7 @@
documentation_complete: true
# package is unlikely to appear on a RHEL9 system, don't extend to RHEL10
-prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,uos20
title: 'Disable Apache Qpid (qpidd)'
diff --git a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml
index 3a9b0cd98..fde646ef2 100644
--- a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,uos20
title: 'Disable Network Router Discovery Daemon (rdisc)'
diff --git a/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml b/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml
index 41571146d..c4e4f98eb 100644
--- a/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_rhnsd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable Red Hat Network Service (rhnsd)'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
index 77b163e60..2b3093504 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
index ff0443ac5..bc0f43113 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
index 63dd951d7..f78c5ae9b 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
index 6d4493560..9af1b0474 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
index 687b84698..12d707745 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
index b980bc125..2736ad53d 100644
--- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns Crontab'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
index c2d050d27..88df46f3c 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
index 6024de5c6..e261fca99 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
index 46320b462..1bdc7e44c 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
index 18afaf1da..3a00b40a4 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
index d76c2031c..4941f09ae 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
index b9c4bcce4..e9dc5a1f1 100644
--- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on crontab'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
index bdc53cc7c..abf85de61 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.d'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
index 24b4cf5e5..27732bccc 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.daily'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
index 6e0da2bac..2deb5dfaf 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.hourly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
index 5f5e5f6ec..c17983c4c 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.monthly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
index c4ea83653..9572cae38 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on cron.weekly'
diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
index e29f65023..4e9e0284a 100644
--- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
+++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on crontab'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml
index 169db9bc0..84e8a111a 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Ensure that /etc/at.deny does not exist'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml
index ff1fb5c57..9b710f9cf 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Ensure that /etc/cron.deny does not exist'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
index dfa5e7fc6..1f074661d 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns /etc/at.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
index 66b4a228b..0b320919a 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns /etc/cron.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
index 843e6af80..30c7498b9 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify User Who Owns /etc/cron.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
index d0e6dfd0c..c398142ea 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on /etc/at.allow file'
diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
index 2b5f5e207..a3a39bf10 100644
--- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
+++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on /etc/cron.allow file'
diff --git a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml
index 53b236464..87a341efa 100644
--- a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,uos20
title: 'Disable At Service (atd)'
diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
index b2f6cddb1..62fa61b3b 100644
--- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable cron Service'
diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml
index cd80412b3..4d08e7840 100644
--- a/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml
+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall DHCP Server Package'
diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml
index 0b54e6c74..749e33acb 100644
--- a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml
+++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable DHCP Service'
diff --git a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml
index 392785165..efeffb597 100644
--- a/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml
+++ b/linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204,uos20
title: 'Uninstall bind Package'
diff --git a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml
index 87843736d..48030e21c 100644
--- a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml
+++ b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable named Service'
diff --git a/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml b/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml
index a053110a7..f7f5fdce0 100644
--- a/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml
+++ b/linux_os/guide/services/dns/package_dnsmasq_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Uninstall dnsmasq Package'
diff --git a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
index c2de306f6..ce71aac0b 100644
--- a/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
+++ b/linux_os/guide/services/fapolicyd/fapolicy_default_deny/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Configure Fapolicy Module to Employ a Deny-all, Permit-by-exception Policy to Allow the Execution of Authorized Software Programs.'
diff --git a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
index febad1cc8..dd4b61d46 100644
--- a/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
+++ b/linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Install fapolicyd Package'
diff --git a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
index 57e01f723..a0014c7c1 100644
--- a/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
+++ b/linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Enable the File Access Policy Service'
diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
index f88eea4f0..7aae82b4d 100644
--- a/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
+++ b/linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall vsftpd Package'
diff --git a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml
index dc79102fd..a1ee7bff7 100644
--- a/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml
+++ b/linux_os/guide/services/ftp/disabling_vsftpd/service_vsftpd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable vsftpd Service'
diff --git a/linux_os/guide/services/ftp/package_ftp_removed/rule.yml b/linux_os/guide/services/ftp/package_ftp_removed/rule.yml
index 1129ce7f1..2f0d1eb2c 100644
--- a/linux_os/guide/services/ftp/package_ftp_removed/rule.yml
+++ b/linux_os/guide/services/ftp/package_ftp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Remove ftp Package'
diff --git a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
index 044177ba3..5d03ff716 100644
--- a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
+++ b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall httpd Package'
diff --git a/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml b/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml
index c650de2a3..c7448273d 100644
--- a/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml
+++ b/linux_os/guide/services/http/disabling_httpd/service_httpd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sel12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sel12,sle15
title: 'Disable httpd Service'
diff --git a/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml b/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
index 171b5262d..fc0ca780f 100644
--- a/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
+++ b/linux_os/guide/services/http/disabling_nginx/package_nginx_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Uninstall nginx Package'
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml
index d8631eb95..489b5b4bc 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_d_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf.d/'
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml
index 5227203b8..6c908c071 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_conf_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf/'
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml
index 1af8689b8..5b30b5bc3 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/file_permissions_httpd_server_modules_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Set Permissions on All Configuration Files Inside /etc/httpd/conf.modules.d/'
diff --git a/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml b/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml
index 9d039807d..0ab230c90 100644
--- a/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml
+++ b/linux_os/guide/services/imap/disabling_cyrus-imapd/package_cyrus-imapd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Uninstall cyrus-imapd Package'
diff --git a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml
index 87b82fee6..0f5cf4705 100644
--- a/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml
+++ b/linux_os/guide/services/imap/disabling_dovecot/package_dovecot_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall dovecot Package'
diff --git a/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml b/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml
index 5968c1a2f..20b9d7190 100644
--- a/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml
+++ b/linux_os/guide/services/imap/disabling_dovecot/service_dovecot_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable Dovecot Service'
diff --git a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
index 87375c0d9..6b557d161 100644
--- a/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
+++ b/linux_os/guide/services/kerberos/kerberos_disable_no_keytab/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
# new major OS versions will most likely not be applicable because of the
# kerberos version higher than 1.17-18
-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Disable Kerberos by removing host keytab'
diff --git a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
index 88a8417bc..af7a1f869 100644
--- a/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
+++ b/linux_os/guide/services/kerberos/package_krb5-server_removed/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
# new major OS versions will most likely not be applicable because of the
# kerberos version higher than 1.17-18
-prodtype: ol7,ol8,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Remove the Kerberos Server Package'
diff --git a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml
index a4bd1fc3c..e63a8ea82 100644
--- a/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml
+++ b/linux_os/guide/services/ldap/389_ds/package_389-ds-base_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel7,rhel8,rhel9
+prodtype: rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall 389-ds-base Package'
diff --git a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh
index 646e63f4b..cb346ebf4 100644
--- a/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh
+++ b/linux_os/guide/services/ldap/openldap_client/ldap_client_start_tls/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# Use LDAP for authentication
diff --git a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml
index 2ec31a290..bc945e70f 100644
--- a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml
+++ b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml
@@ -8,7 +8,7 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Ensure LDAP client is not installed'
diff --git a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml
index bf75fffce..e628dd08a 100644
--- a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml
+++ b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml
@@ -11,7 +11,7 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Uninstall openldap-servers Package'
diff --git a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml
index c94722d9e..b5ad70374 100644
--- a/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml
+++ b/linux_os/guide/services/ldap/openldap_server/service_slapd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,rhel9,almalinux9
title: 'Disable LDAP Server (slapd)'
diff --git a/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml b/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml
index 565693471..974ace384 100644
--- a/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml
+++ b/linux_os/guide/services/mail/has_nonlocal_mta/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure Mail Transfer Agent is not Listening on any non-loopback Address'
diff --git a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
index 3674a8609..dc926b106 100644
--- a/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
+++ b/linux_os/guide/services/mail/package_sendmail_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Uninstall Sendmail Package'
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
index cf67161e3..9ac592066 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
index a6bc6cb16..746f87283 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
+++ b/linux_os/guide/services/mail/postfix_client/postfix_client_configure_mail_alias/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
{{{ bash_instantiate_variables("var_postfix_root_mail_alias") }}}
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml
index c5e7ae18c..1ab2a0a40 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh
index befe1acf3..e36b1fd3e 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh
+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_postfix_inet_interfaces") }}}
diff --git a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml
index 6366a2d1a..c93fb1488 100644
--- a/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml
+++ b/linux_os/guide/services/mail/postfix_client/postfix_network_listening_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Postfix Network Listening'
diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
index 379999e33..6b7f19ae6 100644
--- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Prevent Unrestricted Mail Relaying'
diff --git a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml
index 40e23a91d..ac643ddd6 100644
--- a/linux_os/guide/services/mail/service_postfix_enabled/rule.yml
+++ b/linux_os/guide/services/mail/service_postfix_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Postfix Service'
diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml
index 1fc438cc4..48e546d99 100644
--- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/package_rpcbind_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall rpcbind Package'
diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml
index a85028384..824a4ed59 100644
--- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable rpcbind Service'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml
index 083e7b30e..e4cf444c5 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable Network File System (nfs)'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml
index a48edf779..ce176f114 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_krb_sec_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Mount Remote Filesystems with Kerberos Security'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
index 6911a7163..cac07fc8b 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nodev_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Mount Remote Filesystems with nodev'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
index 95c902246..f15463a1b 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_noexec_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Mount Remote Filesystems with noexec'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
index c2805a5cd..9b216fe37 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/mounting_remote_filesystems/mount_option_nosuid_remote_filesystems/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Mount Remote Filesystems with nosuid'
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml
index b666538f2..53e539d8a 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Use Kerberos Security on All Exports'
diff --git a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml
index 3de7c8db0..ade1efaed 100644
--- a/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/package_nfs-utils_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Uninstall nfs-utils Package'
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh
index 524cdc7d0..2678708d2 100644
--- a/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh
+++ b/linux_os/guide/services/ntp/chronyd_client_only/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
{{{ bash_replace_or_append(chrony_conf_path, '^port', '0', '%s %s') }}}
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_client_only/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
index 0e9ab7fe9..d48978528 100644
--- a/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_client_only/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable chrony daemon from acting as server'
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh
index 25b768688..a1e46bc12 100644
--- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
{{{ bash_replace_or_append(chrony_conf_path, '^cmdport', '0', '%s %s') }}}
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
index 782106734..f3177b0c6 100644
--- a/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_no_chronyc_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable network management of chrony daemon'
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
index b7bef7d30..15db9896f 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure Time Service Maxpoll Interval'
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
index c435df983..b80ffbf7b 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml
index 63880e804..ef8d1836d 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/ansible/shared.yml
@@ -5,7 +5,7 @@
# disruption = low
{{%- set ok_by_default = false %}}
-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}}
+{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "almalinux9", "ol9", "fedora"] %}}
{{%- set ok_by_default = true %}}
{{%- endif %}}
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh
index 462528038..da0f9330b 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/bash/shared.sh
@@ -1,6 +1,6 @@
# platform = multi_platform_all
{{%- set ok_by_default = false %}}
-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}}
+{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "almalinux9", "ol9", "fedora"] %}}
{{%- set ok_by_default = true %}}
{{%- endif %}}
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml
index e1d712f25..1a6e10840 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/oval/shared.xml
@@ -1,5 +1,5 @@
{{%- set ok_by_default = false %}}
-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}}
+{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "almalinux9", "ol9", "fedora"] %}}
{{%- set ok_by_default = true %}}
{{%- endif %}}
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml
index a1f8c234b..14f415da2 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/rule.yml
@@ -1,11 +1,11 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure that chronyd is running under chrony user account'
{{%- set ok_by_default = false %}}
-{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "ol9", "fedora"] %}}
+{{%- if product in ["rhel7", "ol7", "rhel8", "ol8", "rhel9", "almalinux9", "ol9", "fedora"] %}}
{{%- set ok_by_default = true %}}
{{%- endif %}}
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh
index 2e3d4e406..a348b99df 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# packages = chrony
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh
index b75e59c2e..6c3415c34 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/correct_multiple_options.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# packages = chrony
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh
index edd19015f..11fcd1bce 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# packages = chrony
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh
index 83120046d..12b9d1a42 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/empty_options.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# packages = chrony
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh
index 0b8c54cfb..7a44d477b 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# packages = chrony
diff --git a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh
index 69908e41f..0c506bca3 100644
--- a/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_run_as_chrony_user/tests/wrong_line_2.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# packages = chrony
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh
index b2427c1d5..2d62ca68b 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_empty.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
echo "" > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh
index 16c634e0a..e0e0b136a 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/file_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
rm -f {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh
index 56b414e2e..c28bc2f7f 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/line_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
echo "some line" > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh
index 01a21e0b0..3b8082c73 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/multiple_servers.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
sed -i "^pool.*" {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh
index 6f45a555f..5d03e6e21 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_pool.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
sed -i "^server.*" {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh
index ec9e58c75..1a31ccf74 100644
--- a/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_server_directive/tests/only_server.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
sed -i "^pool.*" {{{ chrony_conf_path }}}
echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh
index d74bde623..8f83241cd 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh
index 56cee5abd..a8d771d62 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/correct_pool.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
echo "pool 0.pool.ntp.org" > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh
index 50e0715cc..e75a1ec07 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_empty.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
echo "" > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh
index d89bdb1e5..a56b2e0dc 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/file_missing.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
rm -f {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh
index ce121222a..3c7d36f8b 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/line_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
echo "some line" > {{{ chrony_conf_path }}}
echo "another line" >> {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh
index 917d2e610..eccff3389 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/multiple_servers.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
echo "server 0.pool.ntp.org" > {{{ chrony_conf_path }}}
echo "server 1.pool.ntp.org" >> {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh
index 5f0ad2c6e..7c6175efb 100644
--- a/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh
+++ b/linux_os/guide/services/ntp/chronyd_specify_remote_server/tests/server_not_specified.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = chrony
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
echo "server " > {{{ chrony_conf_path }}}
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml
index 4bef92d96..8f2ce0a4c 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall xinetd Package'
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml
index 06ffe16cb..dbcd37c7c 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml
@@ -1,7 +1,7 @@
documentation_complete: true
# package is unlikely to appear on a RHEL9 system, don't extend to RHEL10
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Disable xinetd Service'
diff --git a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml
index c5f90c495..4da134625 100644
--- a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Remove NIS Client'
diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml
index b057fc5a8..561647d42 100644
--- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Uninstall ypserv Package'
diff --git a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml
index b302496d1..79d2cceba 100644
--- a/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/nis/service_ypserv_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel8,rhel9,almalinux9
title: 'Disable ypserv Service'
diff --git a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml
index b7beb612c..2eff2429d 100644
--- a/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/package_rsync_removed/rule.yml
@@ -6,7 +6,7 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall rsync Package'
diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
index 7ba8c1008..0fa5c255c 100644
--- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Remove Host-Based Authentication Files'
diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml
index 9c6fc297c..7db8e8320 100644
--- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh
index e64838b15..baaa07631 100644
--- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh
+++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
find /root -xdev -type f -name ".rhosts" -exec rm -f {} \;
find /home -maxdepth 2 -xdev -type f -name ".rhosts" -exec rm -f {} \;
diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
index 8eb7f2db5..9cbcf4b86 100644
--- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Remove User Host-Based Authentication Files'
diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
index ccfe39dee..fbb7ec130 100644
--- a/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall rsh-server Package'
diff --git a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
index 45e79f6de..3f8e33b24 100644
--- a/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall rsh Package'
diff --git a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml
index 1b5db8e51..6668c946a 100644
--- a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml
@@ -1,7 +1,7 @@
documentation_complete: true
# potentially obsolete, rsh-server is not available in RHEL9
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Disable rlogin Service'
diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml
index 976fdaaec..153f295ce 100644
--- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure rsyncd service is disabled'
diff --git a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml
index 0331db92e..085131b9f 100644
--- a/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Uninstall talk-server Package'
diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
index 14317060b..4505ac061 100644
--- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall talk Package'
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
index 080785dd8..20714ac5f 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Uninstall telnet-server Package'
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
index 2571d5072..31ffdf29a 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Remove telnet Clients'
diff --git a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml
index a38c0cc48..9e69956ab 100644
--- a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Disable telnet Service'
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
index 9268c850c..5e583ad07 100644
--- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Uninstall tftp-server Package'
diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml
index 35e0a2f93..b25f376f7 100644
--- a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Remove tftp Daemon'
diff --git a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
index 9dd7a8bdd..b809881ed 100644
--- a/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
+++ b/linux_os/guide/services/obsolete/tftp/tftpd_uses_secure_mode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Ensure tftp Daemon Uses Secure Mode'
diff --git a/linux_os/guide/services/printing/package_cups_removed/rule.yml b/linux_os/guide/services/printing/package_cups_removed/rule.yml
index df44086ff..2f164b1f9 100644
--- a/linux_os/guide/services/printing/package_cups_removed/rule.yml
+++ b/linux_os/guide/services/printing/package_cups_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall CUPS Package'
diff --git a/linux_os/guide/services/printing/service_cups_disabled/rule.yml b/linux_os/guide/services/printing/service_cups_disabled/rule.yml
index a32b94c36..30833a927 100644
--- a/linux_os/guide/services/printing/service_cups_disabled/rule.yml
+++ b/linux_os/guide/services/printing/service_cups_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable the CUPS Service'
diff --git a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
index c2cc9410c..68b6343a1 100644
--- a/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
+++ b/linux_os/guide/services/proxy/disabling_squid/package_squid_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall squid Package'
diff --git a/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml b/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml
index 2ca96be83..5aa0bcdc8 100644
--- a/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml
+++ b/linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable Squid'
diff --git a/linux_os/guide/services/radius/package_freeradius_removed/rule.yml b/linux_os/guide/services/radius/package_freeradius_removed/rule.yml
index 7c01c09b4..496e4d67f 100644
--- a/linux_os/guide/services/radius/package_freeradius_removed/rule.yml
+++ b/linux_os/guide/services/radius/package_freeradius_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Remove the FreeRadius Server Package'
diff --git a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
index 4e39496fc..fb72906c4 100644
--- a/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
+++ b/linux_os/guide/services/rng/service_rngd_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Enable the Hardware RNG Entropy Gatherer Service'
diff --git a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
index 40f9fa887..2ca019269 100644
--- a/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
+++ b/linux_os/guide/services/routing/disabling_quagga/package_quagga_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall quagga Package'
diff --git a/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml b/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml
index da59b70a6..78f70b1f9 100644
--- a/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml
+++ b/linux_os/guide/services/smb/configuring_samba/mount_option_smb_client_signing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Require Client SMB Packet Signing, if using mount.cifs'
diff --git a/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml b/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml
index 1f7d56c19..3ce4e49e3 100644
--- a/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml
+++ b/linux_os/guide/services/smb/configuring_samba/package_samba-common_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Install the Samba Common Package'
diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
index a66068605..f25b95045 100644
--- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
index 9e1f01f53..d7d4c2651 100644
--- a/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
+++ b/linux_os/guide/services/smb/configuring_samba/require_smb_client_signing/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
######################################################################
#By Luke "Brisk-OH" Brisk
#luke.brisk@boeing.com or luke.brisk@gmail.com
diff --git a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
index 1b633c648..bb416b331 100644
--- a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
+++ b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall Samba Package'
diff --git a/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml b/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml
index 0370bdb36..692305f11 100644
--- a/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml
+++ b/linux_os/guide/services/smb/disabling_samba/service_smb_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable Samba'
diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
index 3f8d8cf5c..44b2e2343 100644
--- a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
+++ b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Uninstall net-snmp Package'
diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml
index 47810df3f..a76327dff 100644
--- a/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml
+++ b/linux_os/guide/services/snmp/disabling_snmp_service/service_snmpd_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable snmpd Service'
diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml
index c2af07442..e3d8dda14 100644
--- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml
+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure SNMP Read Write is disabled'
diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml
index 309efb9aa..6224d7923 100644
--- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml
+++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_use_newer_protocol/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9
title: 'Configure SNMP Service to Use Only SNMPv3 or Newer'
diff --git a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
index 2262fb3b8..6e2a16ba0 100644
--- a/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_groupowner_sshd_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Who Owns SSH Server config file'
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh
index cd5171c1b..6301578ba 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/correct_groupowner.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
if ! grep -q ssh_keys /etc/group; then
groupadd ssh_keys
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh
index 840370623..c64f052be 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/incorrect_groupowner.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_group="cac_testgroup"
groupadd $test_group
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh
index 4964fe4a1..f5fd88dd3 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_private_key/tests/multiple_keys.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_group="cac_testgroup"
groupadd $test_group
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh
index 8028e0466..36ebda0b3 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/correct_groupowner.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX.pub)
chgrp root "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh
index 56c713f3d..505f3adfb 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/incorrect_groupowner.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_group="cac_testgroup"
groupadd $test_group
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh
index 7cffa2c97..9c0f3a28b 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/missing_file_test.pass.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
rm -f /etc/ssh/*.pub
diff --git a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh
index b6bef987d..799d5044b 100644
--- a/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh
+++ b/linux_os/guide/services/ssh/file_groupownership_sshd_pub_key/tests/multiple_keys.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_group="cac_testgroup"
groupadd $test_group
diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
index 8785509dc..8812a43af 100644
--- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Owner on SSH Server config file'
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh
index b36e8a3d7..494455df2 100644
--- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh
+++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/correct_owner.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
chown root "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh
index 30da398eb..4ee3a3c1f 100644
--- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh
+++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/incorrect_owner.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_user="cac_testuser"
useradd $test_user
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh
index 59f414be3..484da1eec 100644
--- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh
+++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/tests/multiple_keys.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_user="cac_testuser"
useradd $test_user
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh
index adc985a1a..489f65995 100644
--- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh
+++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/correct_owner.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX.pub)
chown root "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh
index 4fa528fe3..bbc3c6147 100644
--- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh
+++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/incorrect_owner.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_user="cac_testuser"
useradd $test_user
diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh
index 16878dc1d..6c3983a9d 100644
--- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh
+++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/tests/multiple_keys.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
test_user="cac_testuser"
useradd $test_user
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
index a69ba302e..1eb5a562c 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Permissions on SSH Server config file'
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh
index 28325e1f7..d19148a0b 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altcorrect_permissions.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
chown root:ssh_keys "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh
index 63e2d8642..8a5a658b5 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/altlenient_permissions.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
chown root:ssh_keys "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh
index 48ecfbcac..c5a05db8b 100644
--- a/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh
+++ b/linux_os/guide/services/ssh/file_permissions_sshd_private_key/tests/supercompliance.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
FAKE_KEY=$(mktemp -p /etc/ssh/ XXXX_key)
chown root:ssh_keys "$FAKE_KEY"
diff --git a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
index 36ac1f29d..cff318080 100644
--- a/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
+++ b/linux_os/guide/services/ssh/package_openssh-clients_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Install OpenSSH client software'
diff --git a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
index 5d7fd206b..518c6ef32 100644
--- a/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
+++ b/linux_os/guide/services/ssh/service_sshd_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004
title: 'Enable the OpenSSH Service'
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml
index afc6d539c..8ebcfb5c1 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_client_rekey_limit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure session renegotiation for SSH client'
diff --git a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
index 70d9bc7cc..12c9a37b5 100644
--- a/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_client/ssh_keys_passphrase_protected/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol9,rhel8,rhel9
+prodtype: ol9,rhel8,rhel9,almalinux9
title: 'Verify the SSH Private Key Files Have a Passcode'
diff --git a/linux_os/guide/services/ssh/ssh_private_keys_have_passcode/rule.yml b/linux_os/guide/services/ssh/ssh_private_keys_have_passcode/rule.yml
index d5f70f350..759e9d2b4 100644
--- a/linux_os/guide/services/ssh/ssh_private_keys_have_passcode/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_private_keys_have_passcode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,rhel9
+prodtype: ol8,rhel9,almalinux9
title: 'OpenSSH Service Must Use Passcode for Their Private Keys'
diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
index 5a97f74df..104b27f3f 100644
--- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml
index 280020823..582a114c6 100644
--- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml
+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/oval/shared.xml
@@ -53,7 +53,7 @@
<ind:textfilecontent54_object id="object_firewalld_sshd_port_enabled_zones_assigned_to_nics"
comment="Check the respective zone parameter in all NICs configuration files" version="3">
- {{% if product in ["fedora", "ol9", "rhel9"] %}}
+ {{% if product in ["fedora", "ol9", "rhel9", "almalinux9"] %}}
<ind:path>/etc/NetworkManager/system-connections</ind:path>
<ind:filename operation="pattern match">.*\.nmconnection</ind:filename>
<ind:pattern operation="pattern match">^zone=(.*)$</ind:pattern>
@@ -83,7 +83,7 @@
<unix:file_object id="object_firewalld_sshd_port_enabled_network_conf_files" version="1">
<unix:behaviors recurse="directories" recurse_direction="down" max_depth="1"
recurse_file_system="all"/>
- {{% if product in ["fedora", "ol9", "rhel9"] %}}
+ {{% if product in ["fedora", "ol9", "rhel9", "almalinux9"] %}}
<unix:path>/etc/NetworkManager/system-connections</unix:path>
<unix:filename operation="pattern match">.*\.nmconnection</unix:filename>
{{% else %}}
diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
index fb6956152..f7e55892b 100644
--- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable SSH Server firewalld Firewall Exception'
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml
index 39102e5d7..2dcfeeb0f 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh
index ba5987621..d972650ea 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv
{{{ bash_replace_or_append('/etc/ssh/sshd_config', '^Protocol', '2', '%s %s') }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml
index f8d422c6c..aafcd046f 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh
index 7c01208c4..8e6c9a53a 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
{{{ bash_instantiate_variables("var_sshd_disable_compression") }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
index f1c15c139..b22ea6c66 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_PARAM="Compression"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml
index 228a1166a..6ba91af43 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh
index 5a1ec5cf7..d240b4711 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
{{{ bash_replace_or_append('/etc/ssh/sshd_config', '^RhostsRSAAuthentication', 'no', '%s %s') }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh
index 9b10c1d19..9d45a7368 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_size_directory.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_rekey_limit_time=1h
mkdir -p /etc/ssh/sshd_config.d
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh
index 6bd150bbc..50057c216 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/bad_time_directory.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_rekey_limit_size=512M
mkdir -p /etc/ssh/sshd_config.d
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh
index 59aaab6dc..5a12d9fc2 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/no_line_directory.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
mkdir -p /etc/ssh/sshd_config.d
touch /etc/ssh/sshd_config.d/nothing
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh
index bc254a3a5..7cf6f6145 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/param_conflict_directory.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_PARAM="RekeyLimit"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
index a31a14f8a..c9d542ec0 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel8_ospp_ok.pass.sh
@@ -1,4 +1,4 @@
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
mkdir -p /etc/ssh/sshd_config.d
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh
index 021280218..904930d1a 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
mkdir -p /etc/ssh/sshd_config.d
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml
index 5b54ab892..4213bc152 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/correct_value_directory.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/correct_value_directory.pass.sh
index 66b0d783a..78adcaa64 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/correct_value_directory.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/correct_value_directory.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_CONFIG_DIR="/etc/ssh/sshd_config.d"
SSHD_CONFIG="${SSHD_CONFIG_DIR}/good_config.conf"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/param_conflict_directory.fail.sh
index ea5e8f16c..5df0dd4af 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/param_conflict_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/param_conflict_directory.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_CONFIG_DIR="/etc/ssh/sshd_config.d"
SSHD_CONFIG_BAD="${SSHD_CONFIG_DIR}/bad_config.conf"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/wrong_value_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/wrong_value_directory.fail.sh
index ead09cc23..c4dae825a 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/wrong_value_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/tests/wrong_value_directory.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_CONFIG_DIR="/etc/ssh/sshd_config.d"
SSHD_CONFIG="${SSHD_CONFIG_DIR}/bad_config.conf"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml
index c47506b42..0b8f7bd7f 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh
index 3cfe760fb..cba9bf0c4 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_sshd_set_keepalive") }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/correct_value_dot_dir.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/correct_value_dot_dir.pass.sh
index 8c774768c..9e8a8c6cd 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/correct_value_dot_dir.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/correct_value_dot_dir.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_sshd_set_keepalive=1
SSHD_CONFIG="/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/param_conflict_directory.fail.sh
index acbca14d8..287c3763a 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/param_conflict_directory.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/param_conflict_directory.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_sshd_set_keepalive=1
mkdir -p /etc/ssh/sshd_config.d
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/wrong_value_dot_dir.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/wrong_value_dot_dir.fail.sh
index 17f1bd721..49ba4cfa7 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/wrong_value_dot_dir.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/tests/wrong_value_dot_dir.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_sshd_set_keepalive=1
SSHD_CONFIG="/etc/ssh/sshd_config.d/00-complianceascode-hardening.conf"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml
index a7a2ed3d6..f4ba85ff9 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh
index 2920273f9..32fba975e 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_auth_tries/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("sshd_max_auth_tries_value") }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh
index fcdb800c2..77c3e82da 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_max_sessions/tests/wrong_value.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel, multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux, multi_platform_fedora
#!/bin/bash
SSHD_CONFIG="/etc/ssh/sshd_config"
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh
index d9775be43..8abd5c4ee 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/comment.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh
index 5e7246205..6de325120 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_reduced_list.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh
index 11e8fe96d..00b69cd2c 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_scrambled.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh
index a2528cb30..0c8dcf1ba 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh
index 63213b5d1..7d20761ba 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/line_not_there.fail.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh
index 59dee5b9e..b0f66c148 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/no_parameters.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh
index 0e12d5a2a..d825167a3 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_kex_ordered_stig/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
source common.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh
index edb2553d2..2bfd42c86 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/default_correct_value.pass.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com", '%s %s') }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh
index b903a7a08..cd6f95db4 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/tests/wrong_value.fail.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_replace_or_append('/etc/ssh/sshd_config', '^MACs', "wrong_value_expected_to_fail.com", '%s %s') }}}
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_directory_configuration/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_directory_configuration/rule.yml
index be7b2a198..34b5c40ed 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_directory_configuration/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_directory_configuration/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol9,rhel9
+prodtype: fedora,ol9,rhel9,almalinux9
title: 'Distribute the SSH Server configuration to multiple files in a config directory.'
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh
index ba493f99f..dad0a61e3 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/good_cipher.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
sed -i 's/^\s*Ciphers\s.*//i' /etc/ssh/sshd_config
echo "Ciphers aes256-ctr" >> /etc/ssh/sshd_config
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh
index 27a2e37ac..3e678dccb 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/tests/no_ciphers.fail.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
sed -i 's/^\s*Ciphers\s/# &/i' /etc/ssh/sshd_config
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh
index ca08e633a..f90fa48d6 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/good_mac.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
sed -i 's/^\s*MACs\s.*//i' /etc/ssh/sshd_config
echo "MACs hmac-sha2-512" >> /etc/ssh/sshd_config
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh
index 5a98fc0eb..846cdd444 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/tests/no_macs.fail.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
sed -i 's/^\s*MACs\s/# &/i' /etc/ssh/sshd_config
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
index f1e9853d6..15870678b 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_rng/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
# TODO: The plan is not to need this for RHEL>=8.4
# TODO: Compliant setting is SSH_USE_STRONG_RNG set to 32 or more
-prodtype: fedora,ol8,rhel8,rhel9
+prodtype: fedora,ol8,rhel8,rhel9,almalinux9
title: 'SSH server uses strong entropy to seed'
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
index 3a58720dd..a4e44202d 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_x11_use_localhost/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,ubuntu2004
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,ubuntu2004
title: 'Prevent remote hosts from connecting to the proxy display'
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml
index 202fc7f44..711cc57c6 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh
index 68a6a1291..740c94e10 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
{{{ bash_instantiate_variables("var_sssd_ldap_tls_ca_dir") }}}
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml
index 891b3e2f9..6cb0bce26 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh
index 5c83263bc..91e28ba16 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_reqcert/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
{{{ bash_sssd_ldap_config(parameter="ldap_tls_reqcert", value="demand") }}}
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml
index b38bc41fe..33c5c9034 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh
index 564e32815..02bed6db8 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_start_tls/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
{{{ bash_sssd_ldap_config(parameter="ldap_id_use_start_tls", value="true") }}}
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml
index c93d7a59d..a6dff6f85 100644
--- a/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh
index ea3c0946c..08e66dade 100644
--- a/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
index cd24ded03..2b75556f8 100644
--- a/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_certificate_verification/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Certificate status checking in SSSD'
diff --git a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
index ed8b1c4e1..e6b74a5ac 100644
--- a/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Enable Certmap in SSSD'
diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh
index 09e863e4a..ba1f546e9 100644
--- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
index f82c9e386..f4d8142ac 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/ansible/shared.yml
@@ -34,7 +34,7 @@
create: yes
mode: 0600
-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
- name: '{{{ rule_title }}} - Check if system relies on authselect'
ansible.builtin.stat:
path: /usr/bin/authselect
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
index b51312601..a9d3d9d5d 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/bash/shared.sh
@@ -13,7 +13,7 @@ umask u=rw,go=
umask $OLD_UMASK
-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
if [ -f /usr/bin/authselect ]; then
if authselect check; then
{{{ bash_enable_authselect_feature('with-smartcard') | indent(8) }}}
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
index c2ae4d39a..850809262 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/oval/shared.xml
@@ -5,7 +5,7 @@
<criteria operator="AND">
<criterion comment="Check pam_cert_auth in /etc/sssd/sssd.conf"
test_ref="test_sssd_enable_smartcards"/>
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<criterion comment="Check allow_missing_name in /etc/pam.d/smartcard-auth"
test_ref="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth"/>
<criterion comment="Check try_cert_auth or require_cert_auth in /etc/pam.d/system-auth"
@@ -25,7 +25,7 @@
<ind:instance datatype="int">1</ind:instance>
</ind:textfilecontent54_object>
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<ind:textfilecontent54_test check="all" check_existence="all_exist"
comment="tests the presence of try_cert_auth or require_cert_auth in /etc/pam.d/smartcard-auth"
id="test_sssd_enable_smartcards_allow_missing_name_smartcard_auth" version="2">
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
index 6ed233a70..f902a54c8 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Enable Smartcards in SSSD'
@@ -11,7 +11,7 @@ description: |-
<pre>[pam]
pam_cert_auth = True
</pre>
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include
"try_cert_auth" or "require_cert_auth" option, like in the following example:
<pre>
@@ -62,7 +62,7 @@ ocil: |-
If configured properly, output should be
<pre>pam_cert_auth = True</pre>
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
To verify that smart cards are enabled in PAM files, run the following command:
<pre>$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth</pre>
If configured properly, output should be
@@ -77,7 +77,7 @@ fixtext: |-
pam_cert_auth = True
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
Enable the <tt>with-smartcard</tt> feature using the <tt>authselect</tt> command:
sudo authselect enable-feature with-smartcard
sudo authselect apply-changes -b
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
index bcaae2a60..557b38fd7 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# remediation = none
SSSD_FILE="/etc/sssd/sssd.conf"
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
index 5f4aaa725..61c139b34 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_disabled.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSSD_FILE="/etc/sssd/sssd.conf"
echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
index 860e0bb6c..ce5ac4325 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSSD_FILE="/etc/sssd/sssd.conf"
echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
index 78b79752a..b49c8942d 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_smartcard_enabled_lower.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSSD_FILE="/etc/sssd/sssd.conf"
echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
index aaf33d7b0..30144aeae 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_false.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSSD_FILE="/etc/sssd/sssd.conf"
echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
index 85bb1de67..fb0e3b2df 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSSD_FILE="/etc/sssd/sssd.conf"
echo "[pam]" > $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
index 43e19d382..6c7a50002 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/tests/authselect_sssd_parameter_missing_file.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,sssd
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSSD_FILE="/etc/sssd/sssd.conf"
rm -f $SSSD_FILE
diff --git a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
index d71208630..21d24edcc 100644
--- a/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_has_trust_anchor/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'SSSD Has a Correct Trust Anchor'
diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
index 7cfba003b..fb36bb099 100644
--- a/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
index e7d5d3916..ed768f876 100644
--- a/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
{{{ bash_instantiate_variables("var_sssd_memcache_timeout") }}}
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml
index ebdf0136b..73916d8d1 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh
index 890254c8e..2b6103e93 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
index 15ef6aa83..033bca316 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure SSSD to Expire Offline Credentials'
diff --git a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
index 3da9609d7..06586bd8a 100644
--- a/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_run_as_sssd_user/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
MAIN_CONF="/etc/sssd/conf.d/ospp.conf"
diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
index 599683567..8fa06fa65 100644
--- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
+++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
index f066ef1bd..01254fa6f 100644
--- a/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
+++ b/linux_os/guide/services/sssd/sssd_ssh_known_hosts_timeout/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_instantiate_variables("var_sssd_ssh_known_hosts_timeout") }}}
diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
index 331627492..72a361b30 100644
--- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
+++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/kubernetes/shared.yml
@@ -1,3 +1,3 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
{{{ kubernetes_usbguard_set(["xccdf_org.ssgproject.content_rule_package_usbguard_installed"]) }}}
diff --git a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
index c20527bf1..faa280e68 100644
--- a/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
+++ b/linux_os/guide/services/usbguard/configure_usbguard_auditbackend/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Log USBGuard daemon audit events using Linux Audit'
diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
index 9f18591b3..b49d5217a 100644
--- a/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
+++ b/linux_os/guide/services/usbguard/package_usbguard_installed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
index 47a65aeb6..46b83c460 100644
--- a/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
+++ b/linux_os/guide/services/usbguard/package_usbguard_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install usbguard Package'
diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
index e9c55dfb0..9be805c13 100644
--- a/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
+++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
diff --git a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
index e382a886f..130a87454 100644
--- a/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
+++ b/linux_os/guide/services/usbguard/service_usbguard_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Enable the USBGuard Service'
diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
index 095c6f0b5..b26e0189b 100644
--- a/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
+++ b/linux_os/guide/services/usbguard/usbguard_allow_hid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,rhcos4,rhel8,rhel9,almalinux9
title: 'Authorize Human Interface Devices in USBGuard daemon'
diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
index 5ef460be8..8a12559f6 100644
--- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
+++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
{{% macro usbguard_hid_and_hub_config_source() %}}
allow with-interface match-all { 03:*:* 09:00:* }
{{%- endmacro -%}}
diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
index be1a2d2de..9775e5a4e 100644
--- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
+++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Authorize Human Interface Devices and USB hubs in USBGuard daemon'
diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
index a5ff52550..eda5cbf8b 100644
--- a/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
+++ b/linux_os/guide/services/usbguard/usbguard_allow_hub/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,rhcos4,rhel8,rhel9,almalinux9
title: 'Authorize USB hubs in USBGuard daemon'
diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
index cca593262..5ac5c0678 100644
--- a/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
index 88d55f160..f2f336700 100644
--- a/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
index 40d4e8fb3..00796b4be 100644
--- a/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
+++ b/linux_os/guide/services/usbguard/usbguard_generate_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Generate USBGuard Policy'
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
index 170f89fc0..6308fa768 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Remove the X Windows Package Group'
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
index 607ed945c..12eecd4ca 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable graphical user interface'
diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
index ab3b7ccd5..3806444b2 100644
--- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
+++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_runlevel_target/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Disable X Windows Startup By Setting Default Target'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
index 1dea09b2f..cbc23c694 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
index 63ceaaf88..e50ada3e4 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("login_banner_text") }}}
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
index dbae8dd3a..b77c6ae92 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Modify the System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
index 2e79e27b8..1c4e483c2 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Modify the System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
index 5735d2035..0ca7771ef 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
index 4d77e8336..4ed727fc5 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("motd_banner_text") }}}
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
index d501fe120..97a7a59f7 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Modify the System Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
index 48c86a69c..e9b46917f 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Ownership of System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
index 92f7874d8..49cb31e41 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Ownership of System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
index 7b22f900c..ec3050b50 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify Group Ownership of Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
index 634b03ae6..1afc26851 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify ownership of System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
index cff8e3963..5b9f0bdb9 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify ownership of System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
index 47c662016..40980af13 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify ownership of Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
index f80843991..b9bee27fe 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify permissions on System Login Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
index cb8d9db77..b08ded9e5 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify permissions on System Login Banner for Remote Connections'
diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
index 57ff52250..a17e58018 100644
--- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify permissions on Message of the Day Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
index 5814a30bd..aa4aa4c5c 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
index b21996ff4..b9dcaa15a 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable GNOME3 Login Warning Banner'
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
index 86aff54f9..b295782b0 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
index 649db8e37..1838fa0dc 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set the GNOME3 Login Warning Banner Text'
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
index 215b978f2..37a8704dc 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,Red Hat Virtualization 4
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,Red Hat Virtualization 4
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
index cde0bd136..786aa4402 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_sle,Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
{{% if product in ["sle12", "sle15"] or "ubuntu" in product %}}
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/login', 'session', 'required', 'pam_lastlog.so', 'showfailed', '', 'BOF') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
index 1b490cdbd..f8477977f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
index 3a6c8734a..89bdf69ea 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_line_present.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
index 1dd45236b..48b3c6c8c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
index 4dff706d4..a34bd4c94 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_silent_present.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
index 921c44ce9..2ff733e55 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
index 2a8782c30..6ee613b4d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_showfailed.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
index 510813790..15d7e9f61 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/tests/no_space_before_silent.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
index 74448292b..39b076c40 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol9,rhel8,rhel9
+prodtype: alinux2,alinux3,ol9,rhel8,rhel9,almalinux9
title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/password-auth File.'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
index 912cd8c16..45711b865 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol9,rhel8,rhel9
+prodtype: ol9,rhel8,rhel9,almalinux9
title: 'Configure the Use of the pam_faillock.so Module in the /etc/pam.d/system-auth File.'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
index 61e58c8a0..85b7eb658 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'An SELinux Context must be configured for the pam_faillock.so records directory'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
index e9ecd879f..74e4c0b09 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
index 63d03f08d..e0eae4498 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
{{{ bash_pam_faillock_enable() }}}
{{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
index 5e75c996c..125502173 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
index e1eb0a970..74c1da0a8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
index 95c3a04db..37caefc2f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
index 365006509..2a10d041b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
{{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
index 6aaf7bf37..fe49dd7de 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Limit Password Reuse: password-auth'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
index bef6bbcea..f7a2048f0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_conflict_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
index 111ed3df6..b0029939b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
index cc133d939..24e3f36f4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_correct_value_pam.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
index 006ff25ae..bf7405aa9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_argument.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
index e16e7434b..13c772ae4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_missing_line.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
index e5af75fdc..b884806b9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
index aef7595c6..d71a7e2f0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
index f16643985..3727d7077 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
index debcc53ca..0bf8c576e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/tests/authselect_wrong_value_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
index e4be20de0..a9d7e2ec1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
index a55f86dc3..5506f8c40 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
{{{ bash_instantiate_variables("var_password_pam_remember", "var_password_pam_remember_control_flag") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
index aeb999b8d..07d1c6ef0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Limit Password Reuse: system-auth'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
index fe238b41b..afb618418 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_conflict_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
index bc6d5ab7f..5e83891a3 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
index dd12efbc1..057c54a24 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_correct_value_pam.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
index 21a16e3f7..815679b6d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_argument.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
index 678ea16f7..a557caa01 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_missing_line.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
index e5af75fdc..b884806b9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
index 26cc946a1..e0a147227 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
index e25a158f7..d168e2b40 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
index 253d50de1..4892717b8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/tests/authselect_wrong_value_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml
index 658f8a3e4..de28cf579 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh
index c830c07aa..3548b0341 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
{{% if product in [ "sle12", "sle15" ] %}}
{{%- set accounts_password_pam_unix_remember_file = '/etc/pam.d/common-password' -%}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
index f3e6931ac..cb2328d43 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Limit Password Reuse'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
index a18fa3d6c..69fae67e2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_conflict_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
index bc6d5ab7f..5e83891a3 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
index dd12efbc1..057c54a24 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_correct_value_pam.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
index d774ac79a..bf9f42a01 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_argument.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_remember=5
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
index 4ef7a3f61..ddd8feb77 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_missing_line.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_remember=5
if authselect list-features minimal | grep -q with-pwhistory; then
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
index 02d30f17a..1a687f0b9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
index 7f6215029..5756729af 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_correct.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_remember=5
remember_cnt=5
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
index 3c1cea1d5..94513096b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_pam_unix_legacy_wrong.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_remember=5
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
index e25a158f7..d168e2b40 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
index 253d50de1..4892717b8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/tests/authselect_wrong_value_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
remember_cnt=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
index e9ecd879f..74e4c0b09 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
index 63d03f08d..e0eae4498 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
{{{ bash_pam_faillock_enable() }}}
{{{ bash_pam_faillock_parameter_value("audit", authfail=False)}}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
index 5e75c996c..125502173 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
index e1eb0a970..74c1da0a8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
index 8ab749d4f..00c16754b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh
index 449d912d0..22f5dc375 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_deny") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
index 0fa9fac37..f13d6f58f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2204
title: 'Lock Accounts After Failed Password Attempts'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
index b3232cc93..97b5d1069 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/authselect_modified_pam.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
index 24f5731f6..875972eb2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
pam_files=("password-auth" "system-auth")
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
index aa3ca061d..64992df97 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_conflicting_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# variables = var_accounts_passwords_pam_faillock_deny=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
index e770e300f..ae701fdab 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_deny=3
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
index fd57152b8..664e42beb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_lenient_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_deny=3
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index efb57601c..bac7a6401 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# variables = var_accounts_passwords_pam_faillock_deny=3
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
index 595b85192..f547b7431 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_deny=3
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
index 2a6868f38..70448df97 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
index 09d8aeee0..72b3aeacb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
{{{ bash_pam_faillock_enable() }}}
{{{ bash_pam_faillock_parameter_value("even_deny_root", "") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
index 94892c9d0..ce78d1fdf 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Configure the root Account for Failed Password Attempts'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
index b3232cc93..97b5d1069 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/authselect_modified_pam.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
index 99025443d..0541b5d3d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
pam_files=("password-auth" "system-auth")
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
index 476c4e77e..387e5d90a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_conflicting_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
index 87bca6919..c59070dd3 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
authselect select sssd --force
authselect enable-feature with-faillock
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index 7c702d669..652c29b25 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
index 28753f735..785fd2940 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Lock Accounts Must Persist'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
index 679e47bcc..f345e12ae 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
index 6bb763cf5..cd6900bb5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
index 2f08a7d47..86f0bb1d8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_dir/tests/wrong_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
index fd8e44443..d30a92fd8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
index e9c09b713..ffbbb68cd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
{{{ bash_pam_faillock_enable() }}}
{{{ bash_pam_faillock_parameter_value("local_users_only", "") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
index fc85c1c4e..f72fd7a05 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Enforce pam_faillock for Local Accounts Only'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
index 856bd56ea..9f76150c3 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_disabled.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
authselect select sssd --force
authselect disable-feature with-faillock
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
index 075791de6..899751de9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
authselect select sssd --force
authselect enable-feature with-faillock
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index 978cccce6..a3e8b3365 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
index 053f91100..f294bc5a0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_enforce_local/tests/pam_faillock_not_required_pam_files.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# This test scenario manually modify the pam_faillock.so entries in auth section from
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
index ac3b9789e..bf2620ccd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
index a49ddf559..41dc70b88 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_fail_interval") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
index 6a3f5b169..17b16d3e5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2204
title: 'Set Interval For Counting Failed Password Attempts'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
index b3232cc93..97b5d1069 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/authselect_modified_pam.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
index 9a553893c..e8f966aa5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
pam_files=("password-auth" "system-auth")
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
index 0b67e0e02..2f33f8a90 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_conflicting_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# variables = var_accounts_passwords_pam_faillock_fail_interval=900
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
index 82bf9fa75..758999d53 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_fail_interval=900
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
index 74236e2fb..75bd18da8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_lenient_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_fail_interval=900
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index ef2461160..783bf6cdb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# variables = var_accounts_passwords_pam_faillock_fail_interval=900
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
index c71a12afe..93a3aee74 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_fail_interval=900
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
index e62d54321..e0ca5bdf2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,rhel8,rhel9
+prodtype: ol8,rhel8,rhel9,almalinux9
title: 'Do Not Show System Messages When Unsuccessful Logon Attempts Occur'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
index fdd0c4c06..e65906af5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
index f73c751f5..812b6ba1b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_password_auth.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
index 514b2bb37..52f16f216 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_silent/tests/missing_parameter_system_auth.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml
index 230ff5eaa..c53da64d0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh
index 3a32aad36..d1f4a0327 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_accounts_passwords_pam_faillock_unlock_time") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
index f55ff2cef..66406f891 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2204
title: 'Set Lockout Time for Failed Password Attempts'
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
index b3232cc93..97b5d1069 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/authselect_modified_pam.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
index d547b0e35..8882d876b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/conflicting_settings_authselect.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
pam_files=("password-auth" "system-auth")
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
index 057348eb4..0345fd442 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_conflicting_settings.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# variables = var_accounts_passwords_pam_faillock_unlock_time=600
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
index 1840cae45..7f2b5cddf 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_expected_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_unlock_time=600
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
index 838ab7c53..527dec679 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_lenient_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_unlock_time=600
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
index b7b1532bb..7f9bb22e6 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_multiple_pam_unix_faillock_conf.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# remediation = none
# variables = var_accounts_passwords_pam_faillock_unlock_time=600
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
index a57645eb1..641d38610 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/tests/pam_faillock_stricter_faillock_conf.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Oracle Linux 8
+# platform = multi_platform_fedora,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,Oracle Linux 8
# variables = var_accounts_passwords_pam_faillock_unlock_time=600
authselect select sssd --force
diff --git a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
index 48798893e..18b59569e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/package_pam_pwquality_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,ubuntu2004
+prodtype: rhel7,rhel8,rhel9,almalinux9,ubuntu2004
title: 'Install pam_pwquality Package'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
index e67cd8835..d7d49e1d7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Digit Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
index d41ca6c26..3d804a0e4 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004
title: 'Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
index e7fdf2e8b..11b69b5da 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004
title: 'Ensure PAM Enforces Password Requirements - Minimum Different Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
index d94ecedae..810b3f4c5 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_local/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Ensure PAM Enforces Password Requirements - Enforce for Local Accounts Only'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
index 198475c87..260ac3b78 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol9,rhel8,rhel9
+prodtype: fedora,ol9,rhel8,rhel9,almalinux9
title: 'Ensure PAM Enforces Password Requirements - Enforce for root User'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
index 5799a7b12..a6044143d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
index 5f812e16f..5f6cef716 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxclassrepeat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Ensure PAM Enforces Password Requirements - Maximum Consecutive Repeating Characters from Same Character Class'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
index 8984b63d9..17bc8eb97 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_maxrepeat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Set Password Maximum Consecutive Repeating Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
index 64f091504..0f469cecb 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
index f75a68077..b1ae5b48e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Length'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
index 632aa24dc..e9ad8a3cd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Special Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
index 06f7962fd..dc6eea20d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
index a55859203..377efc82e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
index 24b8bb7b8..0dbe5a01a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Ensure PAM password complexity module is enabled in password-auth'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
index 81d2955d3..ac3aae234 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_commented_entry.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
index 4bb7a4872..c878fd41e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_correct_entry.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
index 32ce46407..53719b5d8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_missing_entry.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
index 0f9b75cec..dc9f9b1af 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/password-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
index 61c28f2d6..1bbd85df1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_password_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
index 90484d66f..81664de52 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
index 4ea10f4c4..6c1de4e4c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/system-auth', 'password', 'requisite', 'pam_pwquality.so', '', '', '^account.*required.*pam_permit\.so') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
index 7d123e736..c0be4f004 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Ensure PAM password complexity module is enabled in system-auth'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
index f68622be4..6b3eb34dd 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_commented_entry.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
index 0de6065a2..8565473b6 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_correct_entry.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
index 03a4ef295..3c65f0c19 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_missing_entry.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
index ae0ed105d..e1e6ce6bf 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
index 60ebfdeba..b53e75109 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_pwquality_system_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
index 36e9a27b9..fe1b603ab 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
index 73f5ec7a6..4d87174e6 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session'
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
index 03723cd8c..1df4f1d61 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/argument_missing.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# variables = var_password_pam_retry=3
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
index 19cac93f4..95a79c236 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_password_pam_retry=3
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
index ae605f717..0e5676805 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_password_pam_retry=3
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
index ce7f4b7a3..9c8b93a75 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_password_pam_retry=3
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
index 962112d6a..7703ed3f7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_password_pam_retry=3
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
index ea2eb57fe..31e80535f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# variables = var_password_pam_retry=3
source common.sh
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
index 6c631ea37..d526d691a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004,ubuntu2204
title: 'Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
index b3e32aa31..547d137b1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
index 115273566..bd94d707c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
LIBUSER_CONF="/etc/libuser.conf"
CRYPT_STYLE_REGEX='[[:space:]]*\[defaults](.*(\n)+)+?[[:space:]]*crypt_style[[:space:]]*'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
index cadfa1905..8f75a5fc3 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Set Password Hashing Algorithm in /etc/libuser.conf'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
index 8dedf993c..51c76b11a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
index dcb9dd0af..98d2bbec9 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_password_hashing_algorithm") }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
index e58180a1b..aa0052486 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Password Hashing Algorithm in /etc/login.defs'
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
index 31c14211e..be9f04642 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
index 55f43ef98..2b993b52b 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
{{{ bash_ensure_pam_module_configuration('/etc/pam.d/password-auth', 'password', 'sufficient', 'pam_unix.so', 'sha512', '', '') }}}
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
index 8d7b14d4e..a09fb3fd7 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: "Set PAM''s Password Hashing Algorithm - password-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
index 17a57e1e1..666d1d152 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
index b76a6118f..9425e8c90 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_missing_option.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
index 0ca781181..87ccb7bb1 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
PASSWORD_AUTH_FILE="/etc/pam.d/password-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
index f72c7bde2..25fd37ced 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
index 7a6a7f403..69d1d3405 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: "Set PAM''s Password Hashing Algorithm"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
index 74ea0c265..92599832a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
index f74ccbd86..8d694c0f2 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_missing_option.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
index 27be252bc..3622e705e 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
index d4b163f24..819ad4b0a 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
authselect create-profile hardening -b sssd
CUSTOM_PROFILE="custom/hardening"
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
index 9a490a8be..fdd2e7e0c 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_min_rounds_logindefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Set Password Hashing Rounds in /etc/login.defs'
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
index 3045574e5..7ce6bb466 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
index 9c18a0c26..be97a6e6d 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Disable Ctrl-Alt-Del Burst Action'
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
index 517c83c6e..041e9a29c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
index cdb3cbf45..a19af6ca6 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Ctrl-Alt-Del Reboot Activation'
diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
index cf5da2ae1..02fa6e509 100644
--- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Verify that Interactive Boot is Disabled'
diff --git a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
index 00e31fc21..646d6725c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/logind_session_timeout/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9
+prodtype: rhel8,rhel9,almalinux9
title: "Configure Logind to terminate idle sessions after certain time of inactivity"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
index a3490a60d..81831631c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/ansible/shared.yml
@@ -18,7 +18,7 @@
create: yes
dest: /usr/lib/systemd/system/emergency.service
regexp: "^#?ExecStart="
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9"] -%}}
line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency"
{{%- else -%}}
line: 'ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
index 2a65ef992..641747e9e 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/bash/shared.sh
@@ -7,7 +7,7 @@ service_dropin_file="${service_dropin_cfg_dir}/10-oscap.conf"
service_file="/usr/lib/systemd/system/emergency.service"
{{% endif %}}
-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
sulogin="/usr/lib/systemd/systemd-sulogin-shell emergency"
{{%- else -%}}
sulogin='/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
index fadfa300c..e123d8735 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/oval/shared.xml
@@ -24,7 +24,7 @@
</definition>
<ind:textfilecontent54_test check="all" check_existence="all_exist"
comment="Tests that
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
/usr/lib/systemd/systemd-sulogin-shell
{{%- else -%}}
/sbin/sulogin
@@ -36,7 +36,7 @@
</ind:textfilecontent54_test>
<ind:textfilecontent54_object id="obj_require_emergency_service" version="1">
<ind:filepath>/usr/lib/systemd/system/emergency.service</ind:filepath>
- {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+ {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
<ind:pattern operation="pattern match">^ExecStart=\-/usr/lib/systemd/systemd-sulogin-shell[\s]+emergency</ind:pattern>
{{%- else -%}}
<ind:pattern operation="pattern match">^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"</ind:pattern>
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
index 534b5a093..0f2c9560a 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Require Authentication for Emergency Systemd Target'
@@ -56,7 +56,7 @@ ocil: |-
To check if authentication is required for emergency mode, run the following command:
<pre>$ grep sulogin /usr/lib/systemd/system/emergency.service</pre>
The output should be similar to the following, and the line must begin with
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
<pre>ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency</pre>
{{%- else -%}}
@@ -84,7 +84,7 @@ fixtext: |-
Configure {{{ full_name }}} to require authentication for system emergency mode.
Add or edit the following line in "/usr/lib/systemd/system/emergency.service":
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency
{{%- else -%}}
ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
index bce932b72..dda999a74 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
service_file="/usr/lib/systemd/system/emergency.service"
sulogin="/usr/lib/systemd/systemd-sulogin-shell"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
index d9fdc678f..a4f6ea6a9 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
service_file="/usr/lib/systemd/system/emergency.service"
sulogin="/bin/bash"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml
index 225a73f0b..3943c04f0 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/ansible/shared.yml
@@ -9,7 +9,7 @@
create: yes
dest: /usr/lib/systemd/system/rescue.service
regexp: "^#?ExecStart="
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
line: "ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue"
{{% elif product in ["rhel7"] %}}
line: 'ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh
index e4624e582..347c51e12 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/bash/shared.sh
@@ -2,7 +2,7 @@
service_file="/usr/lib/systemd/system/rescue.service"
-{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+{{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
sulogin="/usr/lib/systemd/systemd-sulogin-shell rescue"
{{%- elif product in ["rhel7"] -%}}
sulogin='/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"'
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml
index 62fd1a76a..d4074b6b5 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/oval/shared.xml
@@ -14,7 +14,7 @@
</definition>
<ind:textfilecontent54_test check="all" check_existence="all_exist"
comment="Tests that
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4", "sle12", "sle15"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "rhcos4", "sle12", "sle15"] -%}}
/usr/lib/systemd/systemd-sulogin-shell
{{%- else -%}}
/sbin/sulogin
@@ -26,7 +26,7 @@
</ind:textfilecontent54_test>
<ind:textfilecontent54_object id="obj_require_rescue_service" version="1">
<ind:filepath>/usr/lib/systemd/system/rescue.service</ind:filepath>
- {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4", "sle12", "sle15"] -%}}
+ {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "rhcos4", "sle12", "sle15"] -%}}
<ind:pattern operation="pattern match">^ExecStart=\-.*/usr/lib/systemd/systemd-sulogin-shell[ ]+rescue</ind:pattern>
{{%- else -%}}
<ind:pattern operation="pattern match">^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\"</ind:pattern>
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
index bd617f3e8..57cf588c0 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Require Authentication for Single User Mode'
@@ -60,7 +60,7 @@ ocil: |-
To check if authentication is required for single-user mode, run the following command:
<pre>$ grep sulogin /usr/lib/systemd/system/rescue.service</pre>
The output should be similar to the following, and the line must begin with
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "rhcos4"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "rhcos4"] -%}}
ExecStart and /usr/lib/systemd/systemd-sulogin-shell.
<pre>ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue</pre>
{{%- elif product in ["rhel7"] -%}}
@@ -93,7 +93,7 @@ fixtext: |-
Configure {{{ full_name }}} to require authentication in single user mode.
Add or update the following line in "/usr/lib/systemd/system/rescue.service":
- {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}}
+ {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15"] -%}}
ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue
{{%- elif product in ["rhel7"] -%}}
ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block default"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
index fd13fbd1c..ce2a1a9dc 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
service_file="/usr/lib/systemd/system/rescue.service"
sulogin="/usr/lib/systemd/systemd-sulogin-shell"
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
index 63b9b08b5..15abe6cec 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
service_file="/usr/lib/systemd/system/rescue.service"
sulogin="/bin/bash"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
index 8a64b5ea8..1e81d2e92 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
index 2b2bf8871..b62b17fc0 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_exec_tmux/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Support session locking with tmux'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
index f33344719..09c69b4e5 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_bashrc_tmux/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
index dc63eb653..dc6931307 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
index de8fab7e5..9a75f3fc4 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_after_time/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure tmux to lock session after inactivity'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
index 80856b34d..5cffbff2c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure the tmux Lock Command'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
index 6b2d6cd5e..c20712c9f 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
index ec8fee18b..ed04283bd 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/no_tmux_in_shells/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Prevent user from disabling the screen lock'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
index 14207a44c..2c975a940 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/package_tmux_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4
title: 'Install the tmux Package'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
index a1e6ae87e..bb9ae4d3d 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure opensc Smart Card Drivers'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
index 27d1884f2..82caf0779 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Force opensc To Use Defined Smart Card Driver'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
index a75f509a3..c7fb9b03d 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
@@ -12,7 +12,7 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004
title: 'Install Smart Card Packages For Multifactor Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
index 56570f5c6..7009fc6dd 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,ubuntu2004
title: 'Install the opensc Package For Multifactor Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
index f3b1ef07a..611d50bd3 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_pcsc-lite_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install the pcsc-lite package'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
index dcad70a82..48e796463 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Enable the pcscd Service'
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
index 18231e23a..c986f5c73 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
index c2afecc19..652fbedb7 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/commented.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ubuntu,multi_platform_rhel
+# platform = multi_platform_ubuntu,multi_platform_rhel,multi_platform_almalinux
# packages = openssl-pkcs11
if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
index d7103cc0a..68c252f78 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/correct.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# packages = openssl-pkcs11
if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
index c0cc3c94f..6db041b04 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/tests/missing_ocsp.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# packages = openssl-pkcs11
if [ ! -f /etc/pam_pkcs11/pam_pkcs11.conf ]; then
diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml
index ff493491e..082c8e61a 100644
--- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
index aad6ad4b6..0ea11661e 100644
--- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Disable debug-shell SystemD Service'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
index 74598bc7e..680caf4ba 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
index f299285d4..52e841b61 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
{{{ bash_instantiate_variables("var_account_disable_post_pw_expiration") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
index da2a2d367..e1aed6fec 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Account Expiration Following Inactivity'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml
index 826119eaf..d6e707d6f 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_emergency_expire_date/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Assign Expiration Date to Emergency Accounts'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
index 90045204c..ece6239ac 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004
title: 'Assign Expiration Date to Temporary Accounts'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
index 487bfd63a..b34d490ee 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Accounts on the System Have Unique User IDs'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
index 9bb4ecb9f..b33b83d55 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Only Authorized Local User Accounts Exist on Operating System'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
index aa147fdce..bb8288f5b 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/accounts_authorized_local_users/tests/default.pass.sh
@@ -1,5 +1,5 @@
#! /bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# variables = var_accounts_authorized_local_users_regex=^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$
var_accounts_authorized_local_users_regex="^(root|bin|daemon|adm|lp|sync|shutdown|halt|mail|operator|games|ftp|nobody|pegasus|systemd-bus-proxy|systemd-network|dbus|polkitd|abrt|unbound|tss|libstoragemgmt|rpc|colord|usbmuxd$|pcp|saslauth|geoclue|setroubleshoot|rtkit|chrony|qemu|radvd|rpcuser|nfsnobody|pulse|gdm|gnome-initial-setup|postfix|avahi|ntp|sshd|tcpdump|oprofile|uuidd)$"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
index 1ba8ed152..3a0b63e44 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Groups on the System Have Unique Group ID'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
index bed135a4d..1df8f3a2c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
index 0c81c0ee5..29f31c654 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
index b04d7cdb8..0d5a5831e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
index 23710faba..7f1f5642d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
{{{ bash_instantiate_variables("var_accounts_password_minlen_login_defs") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
index e387ed756..bcf05096d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
index 8ff7cba19..14ece5d17 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
index d56b4e8c0..8274fcfd4 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Existing Passwords Maximum Age'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
index 5e1fe03a2..908f94abc 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Existing Passwords Minimum Age'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml
index d99bded94..aeb6e584a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_warn_age_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: "Set Existing Passwords Warning Age"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
index 4994ff315..e8469b8e9 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml
index f0bf9d696..2c184af24 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_set_post_pw_existing/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Set existing passwords a period of inactivity before they been locked'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
index 25ec7a969..d5b38106c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed_sha512/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004
title: 'Verify All Account Password Hashes are Shadowed with SHA512'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
index 82110016d..2a73ed386 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
index a40010714..d244fc548 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
{{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
index f29320755..893fddd0e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Set number of Password Hashing Rounds - password-auth'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
index 3e24ba16a..1770f4b7e 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_argument_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
index 39690d88d..914ee7d84 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
index 9c99fc307..7db9d4a78 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
# variables = var_password_pam_unix_rounds=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
index dc8b11e2d..b44396f63 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
index 96bcc3e23..ce746e89b 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_password_auth/tests/authselect_wrong_value.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
ROUNDS=4000
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
index c0b520bdf..70ab14cba 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
index 8316e495a..bf8a4c240 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
{{{ bash_instantiate_variables("var_password_pam_unix_rounds") }}}
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
index c2c92fd71..dbb641111 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Set number of Password Hashing Rounds - system-auth'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
index 3da866412..4347773a9 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_argument_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
authselect create-profile hardening -b sssd
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
index 67a052f98..2ea2aafe5 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_correct_value.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
index 3e62935b5..ea66520cd 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
# variables = var_password_pam_unix_rounds=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
index 85bbbdb7f..814f4e016 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_control.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
ROUNDS=65536
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
index 244799045..7f57ec0e1 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_pam_unix_rounds_system_auth/tests/authselect_wrong_value.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# variables = var_password_pam_unix_rounds=65536
ROUNDS=4000
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
index feb5366ed..f94a8b0c3 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
index e85580dc5..130911186 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
index ad3133b1f..eac1b843a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
index 1dd45236b..48b3c6c8c 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_modified_pam.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = none
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
index 0dfb32e31..04a7b6271 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_absent.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
index 9dc5d7677..f00e9272d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/tests/authselect_nullok_present.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
SYSTEM_AUTH_FILE="/etc/pam.d/system-auth"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml
index c101f11ca..f250af62d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
+prodtype: alinux2,alinux3,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004
title: 'Verify No .forward Files Exist'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml
index 7241e77ea..03bca8fb9 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_group/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Ensure there are no legacy + NIS entries in /etc/group'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml
index 29c2f102c..e3f51db74 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_passwd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure there are no legacy + NIS entries in /etc/passwd'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml
index 468158339..041364cef 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_legacy_plus_entries_etc_shadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure there are no legacy + NIS entries in /etc/shadow'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml
index 04a2f562d..2c0e15313 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_pam_wheel_group_empty/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure the Group Used by pam_wheel Module Exists on System and is Empty'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml
index 98cc90fac..6e0cc2506 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/ensure_root_password_configured/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9,ubuntu2004,ubuntu2204
+prodtype: rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure Authentication Required for Single User Mode'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
index 8f87bf06e..6bed5ef5a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
index 6a819ccd5..7bd66a55b 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure that System Accounts Do Not Run a Shell Upon Login'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
index 5f9c92aac..119219eb0 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
index 945940087..c71e3c698 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
index e7f5c730c..8f06c6cfa 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
index cf672ee28..ea4326138 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# uncomment the option if commented
sed '/^[[:space:]]*#[[:space:]]*auth[[:space:]]\+required[[:space:]]\+pam_wheel\.so[[:space:]]\+use_uid$/s/^[[:space:]]*#//' -i /etc/pam.d/su
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
index 3320b393c..caa81bd57 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Enforce usage of pam_wheel for su authentication'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml
index d425057a3..c5b9fa2cc 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_group_for_su/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enforce Usage of pam_wheel with Group Parameter for su Authentication'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
index 9a8332e38..9a567824d 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_have_homedir_login_defs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure Home Directories are Created for New Users'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
index 53b68079e..2a6b66121 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_sle,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ol
# disruption = low
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
index 23e6f0dd5..6055798dd 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_logon_fail_delay/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
{{{ bash_instantiate_variables("var_accounts_fail_delay") }}}
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
index 536ac2956..d1bff5ffa 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
index 0005b2ccb..0329d6cdf 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle
{{{ bash_instantiate_variables("var_accounts_max_concurrent_login_sessions") }}}
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
index e91ae0493..75a3d622d 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Interactive Session Timeout'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
index e56be2792..1156b8b1f 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2204
title: 'User Initialization Files Must Not Run World-Writable Programs'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
index 56fc415f9..6b9b3de28 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure that Users Path Contains Only Local Directories'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
index b90ef5d7d..6f3b1467d 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'All Interactive Users Must Have A Home Directory Defined'
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
index 6811bb1c2..6cabdee89 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive Users Home Directories Must Exist'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
index 94c513327..395be0d3d 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive User Home Directories Must Be Group-Owned By The Primary Group'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
index 5bfdd4a14..3af680a4f 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure All User Initialization Files Have Mode 0740 Or Less Permissive'
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
index bda4bfd36..503f5dd85 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'All Interactive User Home Directories Must Have mode 0750 Or Less Permissive'
diff --git a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
index 5bfb963a1..77807dbfb 100644
--- a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
index 8293b72ad..4b4778b29 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure the Default Bash Umask is Set Correctly'
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
index 0f681a6db..846b47fee 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_accounts_user_umask") }}}
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
index 21238691a..b32ebb548 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_csh_cshrc/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle15,ubuntu2004
+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle15,ubuntu2004
title: 'Ensure the Default C Shell Umask is Set Correctly'
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
index ded8284be..f1d84c863 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Ensure the Default Umask is Set Correctly For Interactive Users'
diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh
index ec75bf6d2..eb2aa2ea1 100644
--- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh
+++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/correct_set-up.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
mv /etc/pam.d/system-auth /etc/pam.d/system-auth-ac
diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh
index a545d9791..383a6ee76 100644
--- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh
+++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/no_symlinks.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
touch /etc/pam.d/{password,system}-auth-{mycustomconfig,ac}
diff --git a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh
index 82fb5d543..2dbee752d 100644
--- a/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh
+++ b/linux_os/guide/system/accounts/authconfig_config_files_symlinks/tests/symlinks_wrong_target.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
mv /etc/pam.d/system-auth /etc/pam.d/system-auth-ac
diff --git a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
index ef7e5cc46..af22bbce4 100644
--- a/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
+++ b/linux_os/guide/system/accounts/enable_authselect/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora,multi_platform_ol
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/accounts/enable_authselect/rule.yml b/linux_os/guide/system/accounts/enable_authselect/rule.yml
index e60ba5955..457a80d0c 100644
--- a/linux_os/guide/system/accounts/enable_authselect/rule.yml
+++ b/linux_os/guide/system/accounts/enable_authselect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Enable authselect'
diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
index 31c46debf..9b4e3abe2 100644
--- a/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/not_remediable.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = authselect,pam
# remediation = none
diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
index ac68df9e0..f589bfb44 100644
--- a/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/profile.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = authselect,pam
authselect select minimal --force
diff --git a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
index 3bd07c62e..e328ca74c 100644
--- a/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
+++ b/linux_os/guide/system/accounts/enable_authselect/tests/remediable.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = authselect,pam
rm -f /etc/pam.d/{fingerprint-auth,password-auth,postlogin,smartcard-auth,system-auth}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
index 1dc43e75f..f1c518f50 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
@@ -11,13 +11,13 @@ description: |-
startup (the default), add the following line to a file with suffix
<tt>.rules</tt> in the directory <tt>/etc/audit/rules.d</tt>:
<pre>-a always,exit -F arch=b32 -S fremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S fremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
@@ -25,13 +25,13 @@ description: |-
utility to read audit rules during daemon startup, add the following line to
<tt>/etc/audit/audit.rules</tt> file:
<pre>-a always,exit -F arch=b32 -S fremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S fremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S fremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S fremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
index 261433ef9..356c6b915 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
@@ -9,24 +9,24 @@ description: |-
startup (the default), add the following line to a file with suffix
<tt>.rules</tt> in the directory <tt>/etc/audit/rules.d</tt>:
<pre>-a always,exit -F arch=b32 -S fsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S fsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the <tt>auditd</tt> daemon is configured to use the <tt>auditctl</tt>
utility to read audit rules during daemon startup, add the following line to
<tt>/etc/audit/audit.rules</tt> file:
<pre>-a always,exit -F arch=b32 -S fsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S fsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S fsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S fsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
index abe8228aa..b69180b41 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
@@ -11,13 +11,13 @@ description: |-
startup (the default), add the following line to a file with suffix
<tt>.rules</tt> in the directory <tt>/etc/audit/rules.d</tt>:
<pre>-a always,exit -F arch=b32 -S lremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S lremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
@@ -25,13 +25,13 @@ description: |-
utility to read audit rules during daemon startup, add the following line to
<tt>/etc/audit/audit.rules</tt> file:
<pre>-a always,exit -F arch=b32 -S lremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S lremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S lremovexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S lremovexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
index f855dd32b..406d2846a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
@@ -9,24 +9,24 @@ description: |-
startup (the default), add the following line to a file with suffix
<tt>.rules</tt> in the directory <tt>/etc/audit/rules.d</tt>:
<pre>-a always,exit -F arch=b32 -S lsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S lsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the <tt>auditd</tt> daemon is configured to use the <tt>auditctl</tt>
utility to read audit rules during daemon startup, add the following line to
<tt>/etc/audit/audit.rules</tt> file:
<pre>-a always,exit -F arch=b32 -S lsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S lsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S lsetxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S lsetxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
index 63d3490a4..d46e891f4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
@@ -10,13 +10,13 @@ description: |-
program to read audit rules during daemon startup (the default), add the
following line to a file with suffix <tt>.rules</tt> in the directory <tt>/etc/audit/rules.d</tt>:
<pre>-a always,exit -F arch=b32 -S removexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S removexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
@@ -24,13 +24,13 @@ description: |-
utility to read audit rules during daemon startup, add the following line to
<tt>/etc/audit/audit.rules</tt> file:
<pre>-a always,exit -F arch=b32 -S removexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S removexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
<br /><br />
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S removexattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S removexattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
index ab4c0226e..00eb429aa 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
@@ -9,24 +9,24 @@ description: |-
startup (the default), add the following line to a file with suffix
<tt>.rules</tt> in the directory <tt>/etc/audit/rules.d</tt>:
<pre>-a always,exit -F arch=b32 -S setxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S setxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the <tt>auditd</tt> daemon is configured to use the <tt>auditctl</tt>
utility to read audit rules during daemon startup, add the following line to
<tt>/etc/audit/audit.rules</tt> file:
<pre>-a always,exit -F arch=b32 -S setxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b32 -S setxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
If the system is 64 bit then also add the following line:
<pre>-a always,exit -F arch=b64 -S setxattr -F auid&gt;={{{ auid }}} -F auid!=unset -F key=perm_mod</pre>
-{{%- if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
<pre>-a always,exit -F arch=b64 -S setxattr -F auid=0 -F key=perm_mod</pre>
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
index 2a15e8610..70b63bcf8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_chacl/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run chacl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
index 8c1cec42e..805dd26ce 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_acl_commands/audit_rules_execution_setfacl/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run setfacl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
index 4f4194fe8..a442db27a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run chcon'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
index 786df6b45..03f695c90 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Record Any Attempts to Run restorecon'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
index 43a9ae184..5b3e5de73 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Record Any Attempts to Run semanage'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
index 359326710..aa91706ca 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setfiles/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Any Attempts to Run setfiles'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
index 810d62838..1009e7641 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Record Any Attempts to Run setsebool'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
index 54f8d69cf..fad2c3062 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
@@ -1,11 +1,11 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Any Attempts to Run seunshare'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh
index 53e61fb25..e9a0edcde 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# Perform the remediation for the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
index f3e0836c8..227015d9d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Ensure auditd Collects File Deletion Events by User'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml
index d3b018633..2d5034408 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Record Successful Permission Changes to Files - chmod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml
index 241d1d633..4efe8c2cd 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Ownership Changes to Files - chown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml
index a1f8f3955..f0302e357 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Access Attempts to Files - creat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml
index ce7070ed8..50a9569ec 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - fchmod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml
index 4b6cee018..f8cf2f9ce 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - fchmodat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml
index 6bc0b9595..8582dea62 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Ownership Changes to Files - fchown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml
index e882a57be..2c4466509 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Ownership Changes to Files - fchownat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml
index ee4ff3a8d..bab372422 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - fremovexattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml
index d40bfdeee..02d5fc6e4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - fsetxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml
index 4fe00220c..1b9afe7d7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_ftruncate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Access Attempts to Files - ftruncate'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml
index 90873b108..424c85fe4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Ownership Changes to Files - lchown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml
index acbfbc0e0..c47fe1e22 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - lremovexattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml
index b669f750c..2431cd5d9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - lsetxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml
index 9cc9ff866..515ac1357 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Access Attempts to Files - open'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml
index 89a65e14e..48177a511 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Access Attempts to Files - open_by_handle_at'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml
index 38a00312e..edd813ec5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Record Successful Creation Attempts to Files - open_by_handle_at O_CREAT'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
index 5ed132a52..f919dc389 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Record Successful Creation Attempts to Files - open_by_handle_at O_TRUNC_WRITE'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml
index bef2d87a1..1b8115b2e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Record Successful Creation Attempts to Files - open O_CREAT'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml
index 653e1d8e1..72b85f515 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_open_o_trunc_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Record Successful Creation Attempts to Files - open O_TRUNC_WRITE'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml
index 16e9b483f..f811b2a05 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Access Attempts to Files - openat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml
index 75ead44a9..341983ea1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Record Successful Creation Attempts to Files - openat O_CREAT'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml
index 13ff5e23c..a363720d4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_openat_o_trunc_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Record Successful Creation Attempts to Files - openat O_TRUNC_WRITE'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml
index 7d7e3ebe8..f86b23f9f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - removexattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml
index 82d103ece..d888a14c8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Delete Attempts to Files - rename'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml
index 1736c971c..b70824cfd 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Delete Attempts to Files - renameat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml
index 75809f4aa..8e0523a34 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Permission Changes to Files - setxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml
index 4d850dc81..547137e44 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_truncate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Access Attempts to Files - truncate'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml
index 91e8f67b6..90b300d31 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Delete Attempts to Files - unlink'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml
index a11b195b1..f89385830 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Record Successful Delete Attempts to Files - unlinkat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh
index 8a48783f6..b846f8113 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# Perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
index 631c277ee..b7a2cf7e2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml
index c2530e143..ada8e4ae5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - chmod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml
index b5857ab4f..bf38eb6ff 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_chown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Ownership Changes to Files - chown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
index a3e663e12..41676e668 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - creat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml
index 8edd48b30..c3c416abc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - fchmod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml
index d253410ea..e0050f140 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchmodat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - fchmodat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml
index 58b032454..ab8e01d0c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Ownership Changes to Files - fchown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml
index ef76fd58a..3ff338858 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fchownat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Ownership Changes to Files - fchownat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml
index fa0448df4..6515fe803 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fremovexattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - fremovexattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml
index c0bf31449..fdc913a3f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_fsetxattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - fsetxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
index d088d91bc..706bbe595 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - ftruncate'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml
index 3ad9634f5..d0c9648db 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lchown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Ownership Changes to Files - lchown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml
index cdadbe887..6d1f3032f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lremovexattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - lremovexattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml
index 249c0169c..a86b0ba90 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_lsetxattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - lsetxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
index de8897a2c..236258921 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - open'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
index 7b303e092..ce311256a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - open_by_handle_at'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh
index c1352ae38..31de43746 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml
index ffc509c50..900cb7bd8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Creation Attempts to Files - open_by_handle_at O_CREAT'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh
index c1352ae38..31de43746 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
index f179706b3..7a7b7a6c5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Modification Attempts to Files - open_by_handle_at O_TRUNC_WRITE'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh
index c944fb9e6..b506644af 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml
index 8a24ab1aa..7444bdc6c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure auditd Unauthorized Access Attempts To open_by_handle_at Are Ordered Correctly'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh
index c1352ae38..31de43746 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml
index 35ddbc326..1d8db3fcc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Creation Attempts to Files - open O_CREAT'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh
index c1352ae38..31de43746 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml
index d4dc5611f..7bf5a6a80 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_o_trunc_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Modification Attempts to Files - open O_TRUNC_WRITE'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh
index c944fb9e6..b506644af 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml
index 0da3156af..2ae183269 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_rule_order/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure auditd Rules For Unauthorized Attempts To open Are Ordered Correctly'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
index c85d6d55c..c150d27b5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - openat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh
index c1352ae38..31de43746 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml
index d3fb5e8c2..138fe02f6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_creat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Creation Attempts to Files - openat O_CREAT'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh
index c1352ae38..31de43746 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml
index cd573dc71..8fb2fabec 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_o_trunc_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Modification Attempts to Files - openat O_TRUNC_WRITE'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh
index c944fb9e6..b506644af 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
{{{ bash_create_audit_remediation_unsuccessful_file_modification_detailed("/etc/audit/rules.d/30-ospp-v42-remediation.rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml
index 5a16683de..aa3ede10c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat_rule_order/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure auditd Rules For Unauthorized Attempts To openat Are Ordered Correctly'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml
index 7d0ef046a..8aaa0f225 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_removexattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - removexattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml
index ef40c036b..5a2292f86 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_rename/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Record Unsuccessful Delete Attempts to Files - rename'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml
index 5b52aec1a..f1f6dad56 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_renameat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Record Unsuccessful Delete Attempts to Files - renameat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml
index 094ab0e07..6449d4ab5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_setxattr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Unsuccessful Permission Changes to Files - setxattr'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
index b7e17951e..3a0b5cd01 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Unsuccessful Access Attempts to Files - truncate'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml
index 0d26a2f0d..ce54dd96c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlink/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Record Unsuccessful Delete Attempts to Files - unlink'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml
index 38b174793..1e7dd1f9b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_unlinkat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Record Unsuccessful Delete Attempts to Files - unlinkat'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml
index 590a5ff6b..5ceb15d9b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
index 18778fd6d..36ae06b60 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml
index bdf3015c4..658327033 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
index 81da90162..2bba878ac 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol7,rhel7,rhel8,rhel9
+prodtype: alinux3,ol7,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure auditd Collects Information on Kernel Module Unloading - create_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml
index 369b1efa7..6178f245a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol
# reboot = false
# complexity = low
# disruption = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml
index 7c8e520c1..e5c1d9d93 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
index d7973aed9..f854ab093 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on Kernel Module Unloading - delete_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml
index 104426d89..58d592d3b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# complexity = low
# disruption = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml
index 639d76a21..7f4d463d6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
index 57bf26f06..e2f9b0221 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml
index c4915eac1..6fd747807 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ol
# reboot = false
# complexity = low
# disruption = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml
index 083a612a0..3228b89b7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
index 4392f855f..ca118c200 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on Kernel Module Loading - init_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml
index ffb320b1a..ecee81136 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9
+prodtype: rhel8,rhel9,almalinux9
title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - query_module'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh
index 009564309..784bba987 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_query/tests/missing_auid_filter.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = audit
rm -f /etc/audit/rules.d/*
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
index d58a5ee62..c6d928bbd 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
index bee62126a..7736292d4 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Record Attempts to Alter Logon and Logout Events'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh
index 9c69bc099..2c577274f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/tests/rules_without_keys.pass.sh
@@ -2,7 +2,7 @@
# packages = audit
# remediation = bash
-{{% if product in ["ol8", "ol9", "rhel8", "rhel9"] %}}
+{{% if product in ["ol8", "ol9", "rhel8", "rhel9", "almalinux9"] %}}
{{% set faillock_path="/var/log/faillock" %}}
{{% else %}}
{{% set faillock_path="/var/run/faillock" %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
index 4dcd32e2c..089f82beb 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Record Attempts to Alter Logon and Logout Events - faillock'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
index 45c08e4c4..fa08cd80f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Attempts to Alter Logon and Logout Events - lastlog'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
index 96f6e645f..c8a01d3a2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Attempts to Alter Logon and Logout Events - tallylog'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
index 8f306736e..c6273db3d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
index 8615165ec..002902145 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_default.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
index bc3f67c9c..a37ccd0bf 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_missing_rule.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/audit.rules
sed -i '/newgrp/d' /etc/audit/audit.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
index ed2cc6c29..13cbaac12 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_one_rule.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/audit.rules
sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
index e1d5d05df..6a758969a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_configured.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/audit.rules
sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/auditctl%" /usr/lib/systemd/system/auditd.service
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
index ec89d9ce8..81e0062b1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/auditctl_rules_without_perm_x.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/audit.rules
sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/audit.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
index ee36da807..bd848737d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_default.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
# augenrules is default for rhel7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
index b6aabf247..8405f0ba1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_duplicated.fail.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# packages = audit
# remediation = none
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /tmp/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
index 711bae803..617ff1b33 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_missing_rule.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
sed -i '/newgrp/d' /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
index d272fd1d5..f7c0fec7d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_one_rule.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
echo "-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
index ecda20ef9..115487067 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
index 51482922f..4ac366ec9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_configured_mixed_keys.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
# change key of rules for binaries in /usr/sbin
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh
index 79c0bb972..2968492ac 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_rules_without_perm_x.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} privileged /etc/audit/rules.d/privileged.rules
sed -i -E 's/^(.*path=[[:graph:]]+) -F perm=x(.*$)/\1\2/' /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
index a8667bbfb..471d2aff2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_mixed_keys.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -k privileged" >> /etc/audit/rules.d/privileged.rules
echo "-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
index b2e18d1cd..5c56cdb6d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/augenrules_two_rules_sep_files.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
echo "-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules
echo "-a always,exit -F path=/usr/bin/notrelevant -F perm=x -F auid>={{{ uid_min }}} -F auid!=unset -F key=privileged" >> /etc/audit/rules.d/priv.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
index 81fc6dd16..9c3f84ef8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/tests/rules_with_own_key.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_rhel,Oracle Linux 7,Oracle Linux 8
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,Oracle Linux 7,Oracle Linux 8
./generate_privileged_commands_rule.sh {{{ uid_min }}} own_key /etc/audit/rules.d/privileged.rules
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml
index 639e61446..6df3021a6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_at/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - at'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
index bc240650e..51f49e210 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chage'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
index 8603087c3..d0e113083 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - chsh'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
index 0846706f2..daea0305e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - crontab'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml
index ac8b4c104..7d68bec7d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_dbus_daemon_launch_helper/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml
index 329e48377..61d9dbb52 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml
index 6ac08b082..d4816e8cb 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_fusermount3/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
index 347eaee25..0f5e28e69 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - gpasswd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml
index 0b7ad4110..a67caf2b7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_grub2_set_bootflag/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
index 5baa999e7..cb49a4d71 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
index 29bfc7be7..d0910b1c6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/sbin/insmod", "x", "modules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
index 1f40fde77..4995a7473 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["ol7", "rhel7", "rhel8", "rhel9"] %}}
+{{%- if product in ["ol7", "rhel7", "rhel8", "rhel9", "almalinux9"] %}}
{{%- set kmod_audit="-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=privileged" %}}
{{%- elif product in ["ubuntu2004", "ubuntu2204"] %}}
{{%- set kmod_audit="-w /bin/kmod -p x -k modules" %}}
@@ -8,7 +8,7 @@
documentation_complete: true
-prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - kmod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml
index 8f61ee32a..07ddf4291 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh
index ed9771d0d..665d2cc0f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/sbin/modprobe", "x", "modules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
index 602518ad8..2211f6234 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - mount'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml
index 3c645c96c..b9a08458e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_mount_nfs/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml
index 83c1c812f..f5975167e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgidmap/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgidmap'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
index 59b4dcfbb..7364c6d0f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newgrp'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml
index 41f9fc3de..450bbcd5d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newuidmap/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - newuidmap'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
index 0bda87b7d..23057f37a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
@@ -10,7 +10,7 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pam_timestamp_check'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
index 19b6623a7..6ea58745c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml
index 126c855e7..e73741e77 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pkexec/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml
index aae180149..570630d86 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_polkit_helper/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
index 8408a93d0..0e2f11f15 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postdrop'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
index bbeabeb8d..f68603e67 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - postqueue'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
index 9a8daf680..e5e09445c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - pt_chown'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml
index f3c3324e2..d5545d32c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh
index bf0a58b43..0b13f7c0d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/sbin/rmmod", "x", "modules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
index e1d848144..0da4b277d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_agent/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Any Attempts to Run ssh-agent'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
index fd3983b53..bc40e55bc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
@@ -10,7 +10,7 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - ssh-keysign'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml
index 4ad68bc25..0ece194bd 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_krb5_child/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml
index 7d16f4d07..18eb7874f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_ldap_child/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml
index 2526442fe..330508472 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_proxy_child/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml
index 7c3c4c64a..978ee75ef 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sssd_selinux_child/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
index 7a02e6220..aa0366661 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - su'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
index 55e5e24bd..14301e740 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudo'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
index ed40c3d03..b9548cd10 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudoedit'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
index 4ba40efd0..24875d8ca 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - umount'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
index 53d21d2c8..b453a93ed 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_chkpwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
index 6ad48696d..a48487a53 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_update/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - unix_update'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
index b1994fa98..b90c80334 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - userhelper'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
index 8af435987..d7f4105b0 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usermod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usermod'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml
index e3d68c134..765699343 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_usernetctl/rule.yml
@@ -1,10 +1,10 @@
-{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure auditd Collects Information on the Use of Privileged Commands - usernetctl'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml
index abd867e50..79e2bd347 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_utempter/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml
index c04fda277..2e7efec26 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_write/rule.yml
@@ -1,4 +1,4 @@
-{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
+{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhcos4", "rhel7", "rhel8", "rhel9", "almalinux9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x="-F perm=x " %}}
{{%- endif %}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
index 4fd5bef0f..c582d4398 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open syscall - /etc/group'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
index 79dc227e0..4a279b5fe 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/group'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
index e1221d1ae..6decde5e0 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via openat syscall - /etc/group'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml
index 84d77e89c..71551300e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open syscall - /etc/gshadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml
index 3c8971e4c..6a656d460 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/gshadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml
index 6ee8ef91c..d7b5464c0 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_gshadow_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via openat syscall - /etc/gshadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
index 449fe58e3..c2fd43d78 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open syscall - /etc/passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
index 37094bd4a..4158f5658 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
index ee5160823..2d7462343 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via openat syscall - /etc/passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml
index 01b22ecb0..f65c0e090 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open syscall - /etc/shadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml
index 0eaf7977f..bbd3c7d82 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_open_by_handle_at/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via open_by_handle_at syscall - /etc/shadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml
index a1a404722..0b4a58460 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_shadow_openat/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Record Events that Modify User/Group Information via openat syscall - /etc/shadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh
index ba84abfc9..e771e26f1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# Traverse all of:
#
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
index 26d02c24e..28daa9106 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml
index 94768073f..6fd009b50 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable_login_uids/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml
index e55119fd1..2e7514b51 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh
index 79440e79b..614a4e09c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/etc/selinux/", "wa", "MAC-policy") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
index 889f83178..7896d4cb1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml
index 496670fad..a9cce0a56 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh
index b61368c0c..eb3bf47f9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification_usr_share/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/usr/share/selinux/", "wa", "MAC-policy") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml
index ac5c84c87..bf549f47f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot =false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh
index 7e22f270f..d310cfd08 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml
index 7f2f4e298..7ad5c59a3 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh
index caf49d4f8..f2ba8f9f1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/var/run/utmp", "wa", "session") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
index 8b2377d44..39c2bba69 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
index 628dc4fd8..470dda95e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
index a8b33956b..d7810237a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers_d/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers.d/'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml
index 64e8dde85..3d4f65278 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh
index 15d6fa4e2..7f98c9915 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml
index 866445695..757f46893 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_auid_privilege_function/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9
+prodtype: rhel8,rhel9,almalinux9
title: 'Record Events When Executables Are Run As Another User'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml
index 252ed0ca6..980a260ae 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh
index 8fdd7e75a..9c16b41cc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml
index 323a798b1..46fad7416 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
index 49a665ded..6bbfe47d5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_suid_privilege_function/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events When Privileged Executables Are Run'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh
index fcde9d3aa..6477bc85e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/etc/sudoers", "wa", "actions") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
index 336beb2b7..26c47e462 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
index 339a4846f..d28dabf18 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Shutdown System When Auditing Failures Occur'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh
index 07965e2c7..908fa6e54 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/etc/group", "wa", "audit_rules_usergroup_modification") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
index b213979b4..4de076a87 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/group'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
index 0bb5e2238..d2927742d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/gshadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
index 946cd6104..d8df5fc36 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/security/opasswd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
index 46cf595dd..4cbb92902 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/passwd'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
index a4e780a39..79ae71305 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Record Events that Modify User/Group Information - /etc/shadow'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
index b00fb3856..1fa0a6039 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_sudo_log_events/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Record Attempts to perform maintenance activities'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh
index b7f44ab38..e6b1d1856 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
index 49c97e395..51f48c0f9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh
index f0783ec4f..a4cc0d84c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
index ec76157d4..0f9e9f7cc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh
index b7f44ab38..e6b1d1856 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
index 3f43030e9..85e9a47c8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh
index b7f44ab38..e6b1d1856 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_perform_audit_adjtimex_settimeofday_stime_remediation() }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
index 8a58bbc38..1a73014dc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh
index 4983b503e..b4db73bce 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
{{{ bash_fix_audit_watch_rule("auditctl", "/etc/localtime", "wa", "audit_time_rules") }}}
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml
index 140506b60..4290a051f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml
index ec17adf55..0ecb4079c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
index dfff55bd3..c07d286d7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'System Audit Directories Must Be Group Owned By Root'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
index 09d4e8ff5..6a8e8bdab 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
groupadd group_test
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
index 6a95e9f13..ed02bd2b6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_ownership_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'System Audit Directories Must Be Owned By Root'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh
index 0dad1bfe1..29632f729 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then
DIR=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ' | rev | cut -d"/" -f2- | rev)
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh
index 7e8c49123..999d914cd 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_0700.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
source common_0700.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh
index 7cfadc195..3bb0cefbb 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/correct_value_default_0700.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
source common_0700.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh
index 3654389ed..64e3e8ebc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_0700.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
source common_0700.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh
index b93254a4b..c7d66ccbb 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/incorrect_value_default_file_0700.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
source common_0700.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
index 399e4ea76..8bcc896a6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'System Audit Logs Must Be Group Owned By Root'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
index 6f19e15c6..b1d995c61 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/correct_value_non-root_group.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
if grep -iwq "log_file" /etc/audit/auditd.conf; then
FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
index cf4b02b90..cd69f17c2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/wrong_value_non-root_group.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_rhel
+# platform = multi_platform_rhel,multi_platform_almalinux
if grep -iwq "log_file" /etc/audit/auditd.conf; then
FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
index b7b5736cd..bafd8e531 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'System Audit Logs Must Be Owned By Root'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh
index 3a0d9a4e9..ab43ceb2b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/correct_value_default_file.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
#!/bin/bash
sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh
index 1879113b8..8798ae1ae 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit_stig/tests/wrong_value_default_file.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
#!/bin/bash
sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
index 81e471f4e..c1e9bbb15 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
index 0b42da512..013401d8c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
if LC_ALL=C grep -iw ^log_file /etc/audit/auditd.conf; then
FILE=$(awk -F "=" '/^log_file/ {print $2}' /etc/audit/auditd.conf | tr -d ' ')
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
index a7aa67de4..e4af05d51 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'System Audit Logs Must Have Mode 0640 or Less Permissive'
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
index 15023ca70..488ef3e3f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_0600.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = audit
source common_0600.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh
index 04d76809f..6475f83ae 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/correct_value_default_file_0600.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = audit
source common_0600.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh
index aea9d1b10..3f045e4c7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_0600.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = audit
source common_0600.sh
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh
index 003e3330f..368540adc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/tests/incorrect_value_default_file_0600.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = audit
source common_0600.sh
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml
index 1e0529f08..9ed9948a4 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh
index 53a56e255..554799735 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_audispd_remote_server") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
index 9ec973546..54470bf57 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure audispd Plugin To Send Logs To Remote Server'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
index 5edbb9df9..bb2dee441 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_sufficiently_large_partition/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure a Sufficiently Large Partition for Audit Logs'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
index 942cd0f5d..a53df57b1 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh
index 36e7f8cda..842f3922d 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_audispd_disk_full_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
index 8ccde192c..417313af3 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure audispd''s Plugin disk_full_action When Disk Is Full'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
index 637683d69..b9202b70d 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Encrypt Audit Records Sent With audispd Plugin'
@@ -57,7 +57,7 @@ ocil: |-
fixtext: |-
Configure {{{ full_name }}} to encrypt audit records sent with audispd plugin.
-{{% if product in ["rhel8", "rhel9", "fedora", "ol8", "rhv4"] %}}
+{{% if product in ["rhel8", "rhel9", "almalinux9", "fedora", "ol8", "rhv4"] %}}
Set the "transport" option in "{{{ audisp_conf_path }}}/audisp-remote.conf" to "KRB5".
{{% else %}}
Uncomment the "enable_krb5" option in "{{{ audisp_conf_path }}}/audisp-remote.conf",
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml
index 71fc81683..835402712 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh
index d1a513600..8ca091bea 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_audispd_network_failure_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
index 0a3db3206..df5c9b6f3 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure audispd''s Plugin network_failure_action On Network Failure'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh
index d244d4bd0..ec516de8a 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_absent.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
. $SHARED/auditd_utils.sh
prepare_auditd_test_enviroment
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh
index af96da871..3bcbba05c 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/tests/audisp_network_failure_action_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
. $SHARED/auditd_utils.sh
prepare_auditd_test_enviroment
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
index caf9766f5..e559c56ae 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = bash
. $SHARED/auditd_utils.sh
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
index c87268eae..d28fac1a9 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_activated_not_there.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = bash
. $SHARED/auditd_utils.sh
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
index 0bb1518ef..d1023b9e6 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/tests/audit_syslog_plugin_not_activated.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Oracle Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# remediation = bash
. $SHARED/auditd_utils.sh
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml
index b075778f5..d9baf1b4f 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh
index d0065b38c..7027992a4 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_instantiate_variables("var_auditd_disk_error_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml
index 06f4a10c6..ba788edbf 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh
index 78726bbc6..0a36846ab 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
{{{ bash_instantiate_variables("var_auditd_disk_error_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action_stig/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
index 0adf2b538..376952524 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
index ce4f4d029..6ab8e06dd 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_disk_full_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
index 61cc4751d..7f66a5c15 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
index 8ab6e16ab..110211558 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_disk_full_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action_stig/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
index b82e6d174..717e52b99 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
index dfb8d3035..28e3fd6c9 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_action_mail_acct") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
index 9efd2d5e8..95c46c53e 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
index e05250cea..e04d721a4 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_admin_space_left_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
index 01c5df5d6..8baf0d0ad 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Configure auditd admin_space_left on Low Disk Space'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
index 9c8afcfa3..53a6da7e0 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
index 79b916559..40632d099 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
{{{ bash_instantiate_variables("var_auditd_flush") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
index ce94d5f5f..5aa4a2f87 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Configure auditd flush priority'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh
index ba44b2bb5..303e1d8f7 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_data.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp
# remediation = bash
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh
index a8f68412c..0c0d35e0d 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp
# remediation = bash
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh
index f3301e81a..eb39696dd 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_incremental_async.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp
# remediation = bash
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh
index 64ebd312f..c43471049 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_none.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp
# remediation = bash
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh
index f6e0c1088..a51782746 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_not_there.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp
# remediation = bash
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh
index 47f3daf89..5cab1da02 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/tests/flush_sync.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = audit
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# profiles = xccdf_org.ssgproject.content_profile_ospp
# remediation = bash
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml
index c70cd104e..c97fbf56e 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh
index 8a53bf847..95c5446b6 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_max_log_file") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
index 69ae3cb89..f48f36569 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
index 5007f965f..4c06ea831 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
index 69ae3cb89..f48f36569 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
index 4609f8ec9..f4b4664e3 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
{{{ bash_instantiate_variables("var_auditd_max_log_file_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action_stig/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
index 7deaa0607..748a59d80 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
index ab0bea58e..a6158699d 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
index a53f062b5..e0200450d 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_space_left") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
index d9b97fbfb..19520c5bf 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure auditd space_left on Low Disk Space'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml
index 46560f89e..123e5ef3c 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh
index 870f6619e..a1dc8844a 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
{{{ bash_instantiate_variables("var_auditd_space_left_action") }}}
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
index c82d0d370..1e0e809ff 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_percentage/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Configure auditd space_left on Low Disk Space'
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_freq/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_local_events/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_log_format/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
index c93322835..b24919d0b 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
index 67a1203dd..12a94396c 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_name_format/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml
index 12d8541cb..a3d1c459b 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh
index f308bd675..e9789ea24 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_overflow_action/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
index 55f407e01..b9084af21 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_write_logs/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
index e81a90bc6..7f97fd716 100644
--- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon'
diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
index 65132d8ee..87202053a 100644
--- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Extend Audit Backlog Limit for the Audit Daemon'
diff --git a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
index e2d2b7fdb..122741d83 100644
--- a/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
+++ b/linux_os/guide/system/auditing/package_audispd-plugins_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install audispd-plugins Package'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml
index e33140501..603abfb90 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml
index cefc04f50..27159513f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of unsuccessful file accesses'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
index f29a4afc6..26ac0688c 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/rule.yml
index a672f2102..814199f4e 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file accesses (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
index 412c67f15..ec1467404 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/rule.yml
index 83ebfec20..3630ed45c 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_failed_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file accesses (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
index 413293083..3f8c50a39 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml
index 9c2495c3c..5513c9d11 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of successful file accesses'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
index 1d08bae3a..3e2300448 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/rule.yml
index cfc93bb7e..5444267b0 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file accesses (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
index 372b7c27c..4e2ce77e9 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/rule.yml
index d0b31f1e4..344b25f85 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_access_success_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file accesses (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
index f62426900..bd3ddd10a 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml
index 28500f9d4..3774a64b0 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_basic_configuration/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure basic parameters of Audit system'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml
index 981a0c861..ab7d657c3 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml
index 6121df242..828053ca1 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of unsuccessful file creations'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
index c26dc39be..d32b854fd 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/rule.yml
index 795037c0a..3b91ece71 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file creations (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
index 08c8dc855..e9277f263 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/rule.yml
index ef8fce5d7..8e17d8c0d 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_failed_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file creations (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml
index 8dca6a682..4581682c7 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of successful file creations'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_success_aarch64/rule.yml
index 39f2d4ab2..8eeebe39a 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_success_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file creations (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_create_success_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_create_success_ppc64le/rule.yml
index 2c6ee5d36..4a2afb873 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_create_success_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_create_success_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file creations (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
index 023388b66..655883afe 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml
index f687fd864..e24916fb2 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of unsuccessful file deletions'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
index 22d3990f0..ed4f8bce8 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/rule.yml
index de2598b53..b3aa832f6 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file deletions (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
index 2fb2c25aa..e182781c4 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/rule.yml
index a6553bdb9..398ec3c77 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_failed_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file deletions (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
index bff04fe4c..a56d7f18f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
{{% set file_contents = """## Successful file delete
-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid&gt;=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml
index 45419ec17..379c130a1 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of successful file deletions'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
index 37b8b3676..d1be71273 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
{{% set file_contents = """## Successful file delete
-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/rule.yml
index 41330f52a..37e3cd0ad 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file deletions (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
index a46066d62..731636c7f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
{{% set file_contents = """## Successful file delete
-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat -F success=1 -F auid>=" ~ uid_min ~ " -F auid!=unset -F key=successful-delete""" -%}}
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/rule.yml
index 3dc41765d..e8368c602 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_delete_success_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file deletions (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
index 4b6116733..42e1c3da2 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
index c5295afeb..a3f50d94d 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_immutable_login_uids/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure immutable Audit login UIDs'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
index 2d9279849..ec6477378 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml
index c6c9cc56c..8effdfbfc 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of unsuccessful file modifications'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
index dae466002..527bc8489 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/rule.yml
index 8e5bf91e2..9ef4dfbe0 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file modifications (AARch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
index f07ff3607..62de7826c 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/rule.yml
index 633e5e442..5ac46f97c 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_failed_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful file modifications (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
index c6f796967..7a6e545c4 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml
index 888a33657..9082b11ab 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of successful file modifications'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
index 212ec4ba5..62e1ee6de 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/rule.yml
index 807325aa2..f3e4aa738 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file modifications (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
index 92310b977..e76e314a6 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/rule.yml
index ee8ec2ec3..059addaf3 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_modify_success_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful file modifications (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
index f8cd8b73d..090554c02 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml
index c3cb2cd34..10d2e2a1f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of loading and unloading of kernel modules'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
index 231034a9c..460877cec 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/rule.yml
index 486f0ba2d..670ed5577 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_module_load_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of loading and unloading of kernel modules (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
index a93771e85..22e9b17b9 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml
index fbe8d9fae..71bfb7779 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Perform general configuration of Audit for OSPP'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
index c122b209f..d1f676a94 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/rule.yml
index 6c8900d43..d76c2131e 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Perform general configuration of Audit for OSPP (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
index fa81ece03..7a26684d2 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/rule.yml
index a3200d050..d2daf89f5 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_ospp_general_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Perform general configuration of Audit for OSPP (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml
index 55ad31393..5f6b89d34 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of unsuccessful ownership changes'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_aarch64/rule.yml
index 29c89aabf..1fa0a56de 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful ownership changes (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_ppc64le/rule.yml
index b10dd36e8..309c68937 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_failed_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful ownership changes (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml
index fc419001f..9e0a13eaf 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of successful ownership changes'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_aarch64/rule.yml
index 594bd629f..52d549435 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful ownership changes (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_ppc64le/rule.yml
index 8a923282a..8f2ff4019 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_owner_change_success_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful ownership changes (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml
index f0c9a0c44..8840a60e3 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of unsuccessful permission changes'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_aarch64/rule.yml
index b3296d39f..e6e55335e 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful permission changes (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_ppc64le/rule.yml
index 4e7531069..9f244f803 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_failed_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of unsuccessful permission changes (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml
index 7ea158505..f2f64b80f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure auditing of successful permission changes'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_aarch64/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_aarch64/rule.yml
index 8300b148f..c8ae462e6 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_aarch64/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_aarch64/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful permission changes (AArch64)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_ppc64le/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_ppc64le/rule.yml
index c633e1833..f6da5070f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_ppc64le/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_perm_change_success_ppc64le/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure auditing of successful permission changes (ppc64le)'
diff --git a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml
index 1cc1f231f..3138be13f 100644
--- a/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml
+++ b/linux_os/guide/system/auditing/policy_rules/audit_rules_for_ospp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Configure audit according to OSPP requirements'
diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml b/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml
index 89d6152dc..7afbf02b7 100644
--- a/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/auditing/service_auditd_enabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml
index 650754d76..db9362850 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_init_on_alloc_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol9,rhel9
+prodtype: ol9,rhel9,almalinux9
title: 'Configure kernel to zero out memory before allocation'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml
index d6bfc02f3..2e7e7db32 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,rhel8,rhel9
+prodtype: ol8,rhel8,rhel9,almalinux9
title: 'Configure kernel to trust the CPU random number generator'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh
index 00942724d..f68845394 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh
+++ b/linux_os/guide/system/bootloader-grub2/grub2_kernel_trust_cpu_rng/tests/wrong_value_entries.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# Based on shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Breaks argument in kernel command line in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_mds_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_mds_argument/rule.yml
index 1eb959aca..75db2966f 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_mds_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_mds_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'Configure Microarchitectural Data Sampling mitigation'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_page_alloc_shuffle_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_page_alloc_shuffle_argument/rule.yml
index 9c8723e7a..afc2a1b32 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_page_alloc_shuffle_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_page_alloc_shuffle_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol9,rhel9
+prodtype: ol9,rhel9,almalinux9
title: 'Enable randomization of the page allocator'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
index 70251f709..fb0fcd90b 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_pti_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Enable Kernel Page-Table Isolation (KPTI)'
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
index 9a0f0d212..51ec8d39d 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_vsyscall_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Disable vsyscalls'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
index d0bdf2523..bc500e1ba 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
index b7557c41f..5baf05fef 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_groupowner_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Verify {{{ grub2_boot_path }}}/user.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
index 2ef41b1c5..7cc14e6d3 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify {{{ grub2_boot_path }}}/grub.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
index 5df579a97..877e4fc64 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Verify {{{ grub2_boot_path }}}/user.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
index 10fe57233..22d623bd2 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify {{{ grub2_boot_path }}}/grub.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
index 8de6ef356..533ecca7d 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_permissions_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Verify {{{ grub2_boot_path }}}/user.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
index 05e2deae0..5b2ff8875 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Set the Boot Loader Admin Username to a Non-Default Value'
diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
index 03031cd11..27be45e21 100644
--- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set Boot Loader Password in grub2'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
index 8a10defce..cdd1282da 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Verify the UEFI Boot Loader grub.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml
index 1fa0facd5..647a3f73b 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg Group Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
index 9f5bb2745..09efb2bb2 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Verify the UEFI Boot Loader grub.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml
index 104fa81e8..6e1aa9007 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg User Ownership'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
index ee5bdcaf8..21a810d76 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Verify the UEFI Boot Loader grub.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml
index bfea4e047..0bfbf2936 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_user_cfg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Verify {{{ grub2_uefi_boot_path }}}/user.cfg Permissions'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
index a277f209f..6cf0dd77c 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Set the UEFI Boot Loader Admin Username to a Non-Default Value'
diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
index cdaa2b573..58edc1ec0 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Set the UEFI Boot Loader Password'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml
index 708e29a69..283b8dd18 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhcos4,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Enable Auditing to Start Prior to the Audit Daemon in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
index 98f7ec507..046660329 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_audit_backlog_limit_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhcos4,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Extend Audit Backlog Limit for the Audit Daemon in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
index 56b634d4b..b4da3cffa 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bls_entries_only/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Ensure all zIPL boot entries are BLS compliant'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
index 6c7e33965..026da9c6b 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_bootmap_is_up_to_date/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Ensure zIPL bootmap is up to date'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml
index a763429f1..6de951471 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_enable_selinux/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Ensure SELinux Not Disabled in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml
index fa272250a..70d5146b5 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure kernel to zero out memory before allocation in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
index 50cf1b78f..cc8c2577d 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/correct_option.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
# Make sure boot loader entries contain init_on_alloc=1
for file in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
index 7c0d91547..0490eed84 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_cmdline.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
# Make sure boot loader entries contain init_on_alloc=1
for file in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
index 9d330c919..bac0815e1 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_init_on_alloc_argument/tests/missing_in_entry.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9,AlmaLinux 9
# Remove init_on_alloc=1 from all boot entries
sed -Ei 's/(^options.*\s)init_on_alloc=1(.*?)$/\1\2/' /boot/loader/entries/*
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml
index 5179b19fc..a5d5ffcea 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_page_alloc_shuffle_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Enable randomization of the page allocator in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
index 0cd61ae2f..f6e29d389 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_page_poison_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Enable page allocator poisoning in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml
index df0f6c3ee..df74834fe 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_slub_debug_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Enable SLUB/SLAB allocator poisoning in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
index 5585e0eaf..ec0a8704d 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# reboot = true
# strategy = configure
# complexity = medium
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
index 0d90d58db..de4f6c4c6 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# Correct BLS option using grubby, which is a thin wrapper around BLS operations
grubby --update-kernel=ALL --remove-args="systemd.debug-shell"
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml
index 3a442c4eb..e3d440a5c 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_systemd_debug-shell_argument_absent/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Ensure debug-shell service is not enabled in zIPL'
diff --git a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
index 9d645c887..c5dd01bc9 100644
--- a/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
+++ b/linux_os/guide/system/bootloader-zipl/zipl_vsyscall_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhcos4,rhel8,rhel9
+prodtype: rhcos4,rhel8,rhel9,almalinux9
title: 'Disable vsyscalls in zIPL'
diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml
index ef617d152..3b8762a23 100644
--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_latent_entropy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Generate some entropy during boot and runtime'
diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_randstruct/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_randstruct/rule.yml
index f73121dfa..7f44074e1 100644
--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_randstruct/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_randstruct/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'Randomize layout of sensitive kernel structures'
diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_stackleak/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_stackleak/rule.yml
index 3e32dead8..76da91007 100644
--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_stackleak/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_stackleak/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'Poison kernel stack before returning from syscalls'
diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml
index 6a19eb78d..2d31401e9 100644
--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Force initialization of variables containing userspace addresses'
diff --git a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak_byref_all/rule.yml b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak_byref_all/rule.yml
index 4e8433978..77c777262 100644
--- a/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak_byref_all/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/gcc_plugin/kernel_config_gcc_plugin_structleak_byref_all/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'zero-init everything passed by reference'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml
index 8ca4e0962..7d42032e2 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_arm64_sw_ttbr0_pan/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Emulate Privileged Access Never (PAN)'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml
index 7c85b7efe..4a5483b9e 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_bug_on_data_corruption/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Trigger a kernel BUG when data corruption is detected'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml
index e09a87043..f74d9255b 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_debug_wx/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Warn on W+X mappings found at boot'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml
index b380e43cf..973dd3505 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_fortify_source/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Harden common str/mem functions against buffer overflows'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml
index 0fd7014cc..28b148ad7 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9
title: 'Harden memory copies between kernel and userspace'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml
index 785d3d9c2..b5874f68b 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_hardened_usercopy_fallback/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Do not allow usercopy whitelist violations to fallback to object size'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml
index a88d80076..772794c48 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_emulate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Disable vsyscall emulation'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml
index 7976cd56c..8c672eda6 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_none/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Disable vsyscall mapping'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_xonly/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_xonly/rule.yml
index dbc5966e1..0a717b587 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_xonly/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_legacy_vsyscall_xonly/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'Disable vsyscall emulate execution only'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml
index 35f88e89d..9dad78b62 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_modify_ldt_syscall/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Disable the LDT (local descriptor table)'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
index db2575974..10704f264 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_page_poisoning/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Enable poison of pages after freeing'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml
index 6b0fb3a20..fc7c939d8 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_refcount_full/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9
title: 'Perform full reference count validation'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml
index 2753a98ec..0ad181380 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_sched_stack_end_check/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Detect stack corruption on calls to schedule()'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml
index 78b5db286..bcff96510 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_hardened/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Harden slab freelist metadata'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml
index 5c93226b1..33e6c1b5a 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_freelist_random/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Randomize slab freelist'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml
index 3dd3de678..cecf0bdd2 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_slab_merge_default/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Disallow merge of slab caches'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml
index ce52a1198..6b8389ca8 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Stack Protector buffer overlow detection'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml
index 87e6828d1..820a19d30 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_stackprotector_strong/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Strong Stack Protector'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml
index a585ee932..f79829b23 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_strict_kernel_rwx/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Make the kernel text and rodata read-only'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml
index 2c34a6816..5d5d90aeb 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_strict_module_rwx/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'Make the module text and rodata read-only'
diff --git a/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml b/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml
index 0f575cad3..6aac87dd6 100644
--- a/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml
+++ b/linux_os/guide/system/kernel_build_config/kernel_config_vmap_stack/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9
+prodtype: fedora,rhel8,rhel9,almalinux9
title: 'User a virtually-mapped stack'
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
index 773f88904..6060189e7 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
if ! grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf; then
mkdir -p /etc/rsyslog.d
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
index 8a7b722b9..5d691b060 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Ensure cron Is Logging To Rsyslog'
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
index 4e321fecb..2818c4ca1 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
index 3933f28b4..d71a075f1 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml
index 76f0e4b38..581668b67 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle12,sle15
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Ensure logging is configured'
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
index bea5ed470..9585a0ad3 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure remote access methods are monitored in Rsyslog'
diff --git a/linux_os/guide/system/logging/journald/journald_compress/rule.yml b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
index 1d7cf6b6f..f1ef3c848 100644
--- a/linux_os/guide/system/logging/journald/journald_compress/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_compress/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: Ensure journald is configured to compress large log files
diff --git a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
index 602e2601a..14058fd2a 100644
--- a/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_forward_to_syslog/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004
+prodtype: alinux3,anolis23,anolis8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004
title: Ensure journald is configured to send logs to rsyslog
diff --git a/linux_os/guide/system/logging/journald/journald_storage/rule.yml b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
index b4348b10b..377f88620 100644
--- a/linux_os/guide/system/logging/journald/journald_storage/rule.yml
+++ b/linux_os/guide/system/logging/journald/journald_storage/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: Ensure journald is configured to write log files to persistent disk
diff --git a/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml b/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml
index 8510c91a5..077b108a1 100644
--- a/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml
+++ b/linux_os/guide/system/logging/journald/socket_systemd-journal-remote_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel8,rhel9,ubuntu2204
+prodtype: fedora,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Disable systemd-journal-remote Socket'
diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
index 892523fc4..9fbba1ccb 100644
--- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
+++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_rhcos
+# platform = multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
index 0abe60b2d..052486096 100644
--- a/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
+++ b/linux_os/guide/system/logging/package_rsyslog-gnutls_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Ensure rsyslog-gnutls is installed'
description: |-
diff --git a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
index 1ff4d159c..dd709d38f 100644
--- a/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_nolisten/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2204
title: 'Ensure rsyslog Does Not Accept Remote Messages Unless Acting As Log Server'
diff --git a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml
index f37af583d..0c0e1e1f6 100644
--- a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Ensure rsyslog Default File Permissions Configured'
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
index f42709ef5..8b35da68b 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
index f2019bb9a..a12ceb5c1 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_ubuntu
{{{ bash_instantiate_variables("rsyslog_remote_loghost_address") }}}
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
index d6e2b2564..323d3ffaa 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
index ee1cbf7ea..eb4e5adc4 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = configure
# complexity = low
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
index 86c0988cf..51f084a36 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure TLS for rsyslog remote logging'
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
index 1030537bd..15dbfaa69 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls_cacert/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure CA certificate for rsyslog remote logging'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
index cdf4f0eff..5cb39ffc4 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld-backend/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9,sle15
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9,sle15
title: 'Configure Firewalld to Use the Nftables Backend'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
index fd1fe1494..04b6a045d 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/package_firewalld_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Install firewalld Package'
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
index 52bc3288f..998b64efc 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Verify firewalld Enabled'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
index 18e51cc42..4082f8b21 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Configure the Firewalld Ports'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
index 2c0820d66..c18bf90c1 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configured_firewalld_default_deny/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,ol8,ol9,rhel8,rhel9
+prodtype: alinux2,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Firewalld Must Employ a Deny-all, Allow-by-exception Policy for Allowing Connections to Other Systems'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml
index 2522e7ec4..31c6f23de 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_restricted/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure Firewalld to Restrict Loopback Traffic'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml
index d151f4d20..7b660a392 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/firewalld_loopback_traffic_trusted/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Configure Firewalld to Trust Loopback Traffic'
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
index d7cd7bc83..14f1269ac 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Set Default firewalld Zone for Incoming Packets'
diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
index 995b046df..fb83e3418 100644
--- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Verify Any Configured IPSec Tunnel Connections'
diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
index 9427aee63..90a5b50a8 100644
--- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Install libreswan Package'
diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
index ccfb8db79..e41d9c2d8 100644
--- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# check-import = stdout
result=$XCCDF_RESULT_PASS
diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
index b2a8e350c..e97d0f4a5 100644
--- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/iptables_rules_for_open_ports/sce/shared.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# check-import = stdout
result=$XCCDF_RESULT_PASS
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
index d787fbbbf..d209806d8 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/network_ipv6_privacy_extensions/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# enable randomness in ipv6 address generation
for interface in /etc/sysconfig/network-scripts/ifcfg-*
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
index 87306fedb..88e2884bc 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
index f9728d7dc..09a217ed2 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure Accepting Router Advertisements on All IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml
index 1d1d0c692..db3f1ced0 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_defrtr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml
index d61211712..1e009df36 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_pinfo/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml
index 6cfdfe692..ade4b1f33 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_ra_rtr_pref/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
index 8792fc668..2c7c4b025 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
index 2d8036595..b0d0e01bf 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Accepting ICMP Redirects for All IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
index e222b1c88..85b92ce90 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
index 834c8c2c1..56792a6a0 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml
index eb1264282..004cfa19b 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_autoconf/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: Configure Auto Configuration on All IPv6 Interfaces
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
index 7373f9a7d..d3e9a26dc 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for IPv6 Forwarding'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml
index 5323d1473..bc9dfd126 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_max_addresses/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml
index 70f5e7919..6a6d77f5e 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_router_solicitations/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure Denying Router Solicitations on All IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
index 4ed2c480c..f59b6d7c3 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
index 68083fac1..e1bba091b 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Accepting Router Advertisements on all IPv6 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml
index e5b1d3405..0c95002cd 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_defrtr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Accepting Default Router in Router Advertisements on All IPv6 Interfaces By Default
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml
index 561bf545a..a951a2832 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_pinfo/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Accepting Prefix Information in Router Advertisements on All IPv6 Interfaces By Default
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml
index 67e3ac551..b4af80978 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_ra_rtr_pref/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Accepting Router Preference in Router Advertisements on All IPv6 Interfaces By Default
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
index 845b013ed..063776b85 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
index 1fa3ff038..c6592d804 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv6 Interfaces'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
index e2951d845..0335df123 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
index 6f29e358d..f861df29d 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml
index 0362586d3..3ff82a4b4 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_autoconf/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Auto Configuration on All IPv6 Interfaces By Default
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml
index 145dd2df5..2adef9a05 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_max_addresses/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: Configure Maximum Number of Autoconfigured Addresses on All IPv6 Interfaces By Default
diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml
index b46af1bf7..8b4add63a 100644
--- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_router_solicitations/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure Denying Router Solicitations on All IPv6 Interfaces By Default'
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
index 284850ced..1d568c303 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure IPv6 is disabled through kernel boot parameter'
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh
index fc649d74c..2fa1114da 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/arg_not_there_rhel9.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Removes ipv6.disable argument from kernel command line in //boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh
index 3c1cde1dc..a57a1eae5 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/grub2_ipv6_disable_argument/tests/wrong_value_rhel9.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Break the ipv6.disable argument in kernel command line in /boot/loader/entries/*.conf
diff --git a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
index 2bd1bdbca..63ab3fe59 100644
--- a/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
+++ b/linux_os/guide/system/network/network-ipv6/disabling_ipv6/network_ipv6_disable_rpc/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
# Drop 'tcp6' and 'udp6' entries from /etc/netconfig to prevent RPC
# services for NFSv4 from attempting to start IPv6 network listeners
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
index 6bb6de134..1f0664a02 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
index 643403856..ce0e453a4 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Accepting ICMP Redirects for All IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
index b3d72bb4a..b89b8a35a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
index 2620e4288..ca5e52e2c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml
index 977a5770b..1138e69c9 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_drop_gratuitous_arp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Drop Gratuitious ARP frames on All IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
index a75bcc616..021f28a32 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_forwarding/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable Kernel Parameter for IPv4 Forwarding on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
index 70e767cc4..fbe1a27a2 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
index 11dc1ce81..1f97eb364 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
index c64da37a3..08535e5a1 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
index 3a4507eff..b31b2ec1d 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
index 583b70a3b..d9bca3de6 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
index ef545976d..bf1ccb250 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/tests/value_2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
index 8b075d55e..0dd17a34b 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
index 092fd29ce..ac2872ad4 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
index 2bfbd9e46..8ea37100a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
index 4184bfc83..7b497bb4e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting ICMP Redirects by Default on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
index aa7d1562b..08668d03c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
index 0de834a15..8accee775 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
index 3a60ab17c..728ddb817 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
index 84b4b78e7..e3ff71f60 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Paremeter to Log Martian Packets on all IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
index b6e53de36..0b652c7cf 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
index 2de023866..4256e78dc 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
index aeb67c4e0..f47a8ab67 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
index 363dcf7d4..4605a9309 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure Kernel Parameter for Accepting Secure Redirects By Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
index 52d74441b..08c8c256d 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
index 6aa5a30a5..2e2b1af62 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
index 9e3a85af9..d4f4d31cb 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
index 5e9c18bcb..c318e704c 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml
index e5bb48138..7edcd8e6b 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_ip_local_port_range/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Set Kernel Parameter to Increase Local Port Range'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml
index 59462471b..00c5bb472 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_invalid_ratelimit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle15
+prodtype: ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle15
title: 'Configure Kernel to Rate Limit Sending of Duplicate TCP Acknowledgments'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml
index f62f1616f..25b12da38 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_rfc1337/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Enable Kernel Parameter to Use TCP RFC 1337 on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
index 0c8dae788..a26df0c5a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
index 0b4f36272..fd0845768 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
index ea1db12fe..5d8b19f68 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
index 3bdc1dfea..7718e89dc 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
index b54e3d12b..125464d7a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
index d456a9de6..4b7ad9c09 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default'
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
index 3b4f06fef..501013f5a 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces'
diff --git a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
index bce0bf37f..15687597e 100644
--- a/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/package_nftables_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle15,ubuntu2004,ubuntu2204
title: 'Install nftables Package'
diff --git a/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml b/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml
index 983065df5..ac46166e2 100644
--- a/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/service_nftables_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,rhel7,rhel8,rhel9,almalinux9,sle15,ubuntu2004,ubuntu2204
title: 'Verify nftables Service is Disabled'
diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml b/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml
index 7dc9a9212..b31a0d356 100644
--- a/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml
+++ b/linux_os/guide/system/network/network-nftables/set_nftables_table/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,sle15,ubuntu2004,ubuntu2204
+prodtype: rhel7,rhel8,rhel9,almalinux9,sle15,ubuntu2004,ubuntu2204
title: 'Ensure a Table Exists for Nftables'
diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
index 89d344c4f..1a926adaa 100644
--- a/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
+++ b/linux_os/guide/system/network/network-nftables/set_nftables_table/sce/shared.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu
# check-import = stdout
tbl_output=$(nft list tables | grep inet)
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
index f995e2795..58aba3312 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_atm_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Disable ATM Support'
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
index 420485c11..3d4606979 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_can_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Disable CAN Support'
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
index 2f556b8ec..c7014dce5 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable DCCP Support'
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
index 57cc29270..4b1b2805e 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/tests/missing_blacklist.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
rm -f /etc/modprobe.d/dccp-blacklist.conf
echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
index 0522abc15..8743e2011 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_firewire-core_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Disable IEEE 1394 (FireWire) Support'
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
index 0da8cd9fe..7cae68668 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable SCTP Support'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
index 847d21236..ef4903ca1 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable Bluetooth Kernel Module'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml
index 5d3161776..a7f442816 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_cfg80211_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel8,rhel9
+prodtype: fedora,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable Kernel cfg80211 Module'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml
index 25123181d..44ebf869c 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlmvm_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel8,rhel9
+prodtype: fedora,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable Kernel iwlmvm Module'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml
index 2ae0cd340..2da591c93 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_iwlwifi_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel8,rhel9
+prodtype: fedora,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable Kernel iwlwifi Module'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml
index 409baf905..c56beebe1 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_mac80211_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel8,rhel9
+prodtype: fedora,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable Kernel mac80211 Module'
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
index cb5749653..f9eb61cc0 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Deactivate Wireless Network Interfaces'
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
index bf2339bbd..f5ddc132f 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
+++ b/linux_os/guide/system/network/network_configure_name_resolution/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Configure Multiple DNS Servers in /etc/resolv.conf'
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
index 0f2d15979..27572472b 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_is_empty.pass.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
source common.sh
diff --git a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
index 469db24e9..671a4d019 100644
--- a/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
+++ b/linux_os/guide/system/network/network_configure_name_resolution/tests/dns_not_in_nsswitch_and_resolv_isnt_empty.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
source common.sh
diff --git a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml
index fe5704ea6..8faf594b1 100644
--- a/linux_os/guide/system/network/network_nmcli_permissions/rule.yml
+++ b/linux_os/guide/system/network/network_nmcli_permissions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Prevent non-Privileged Users from Modifying Network Interfaces using nmcli'
diff --git a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
index 6970bbdba..316f72ea8 100644
--- a/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
+++ b/linux_os/guide/system/network/network_sniffer_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure System is Not Acting as a Network Sniffer'
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
index 678b06d33..3cc2960ec 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure All World-Writable Directories Are Owned by root User'
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
index 63827dff3..41c0ed380 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
index 91b3495c9..7f3876c49 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
df --local -P | awk '{if (NR!=1) print $6}' \
| xargs -I '$6' find '$6' -xdev -type d \
\( -perm -0002 -a ! -perm -1000 \) 2>/dev/null \
diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
index c9ed36852..dd2964a7b 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_auditd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Verify Permissions on /etc/audit/auditd.conf'
diff --git a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
index ec3bba5b8..67a6224b2 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_etc_audit_rulesd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Verify Permissions on /etc/audit/rules.d/*.rules'
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
index b3e2a1a00..6754d4f55 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
title: 'Ensure All SGID Executables Are Authorized'
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,uos20
description: |-
The SGID (set group id) bit should be set only on files that were
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
index 7d1ac5d38..7fc8727f7 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
title: 'Ensure All SUID Executables Are Authorized'
-prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20
+prodtype: alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,uos20
description: |-
The SUID (set user id) bit should be set only on files that were
diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
index d2aa53a98..f6a39047a 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Files Are Owned by a Group'
diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
index 13650fcea..bc89f2697 100644
--- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
+++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure All Files Are Owned by a User'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
index 8f41e6219..3ea6ebc74 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_group_ownership_library_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify that Shared Library Directories Have Root Group Ownership'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
index d2b47d989..9f25146b9 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/correct_owner.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
DIRS="/lib /lib64 /usr/lib /usr/lib64"
for dirPath in $DIRS; do
find "$dirPath" -type d -exec chown root '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
index 542184ae8..9cdfbf737 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/tests/incorrect_owner.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
groupadd nogroup
DIRS="/lib /lib64"
for dirPath in $DIRS; do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
index 5f8dcd2eb..7980d87b5 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/all_dirs_ok.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
DIRS="/lib /lib64 /usr/lib /usr/lib64"
for dirPath in $DIRS; do
find "$dirPath" -perm /022 -type d -exec chmod go-w '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
index c3cd0944b..3c41df40c 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/owner_only_writable_dir.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
DIRS="/lib /lib64 /usr/lib /usr/lib64"
for dirPath in $DIRS; do
chmod -R 755 "$dirPath"
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
index 90ae74be6..243a8e16e 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_lib.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
DIRS="/lib /lib64"
for dirPath in $DIRS; do
mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
index ebaf9b766..858020d51 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_permissions_library_dirs/tests/world_writable_dir_on_usr_lib.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
DIRS="/usr/lib /usr/lib64"
for dirPath in $DIRS; do
mkdir -p "$dirPath/testme" && chmod 777 "$dirPath/testme"
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
index 607aba3c6..b47f9842f 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_audit_binaries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Verify that audit tools are owned by group root'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
index 8f479451b..21a923e63 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# reboot = false
# strategy = restrict
# complexity = medium
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
index b9bbe4dbe..2652ea041 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
for SYSCMDFILES in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin
do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
index d50a7162e..2f6aae483 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_groupownership_system_commands_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Verify that system commands files are group owned by root or a system account'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
index e1caace87..f65bace9e 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_audit_binaries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Verify that audit tools are owned by root'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
index 04178f485..ce116710e 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = medium
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
index 5471f360f..1a2c2a9fa 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
find /bin/ \
/usr/bin/ \
/usr/local/bin/ \
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
index 9c3fa6fe9..78ab97152 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/correct_owner.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
index 02867684c..8b274eded 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
useradd user_test
for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
index 81d8a339e..70345d4e7 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
useradd user_test
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
index 3382568ce..b4f4bd0a0 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_symlink.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
useradd user_test
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
index f87b5094a..979a946a5 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_audit_binaries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Verify that audit tools Have Mode 0755 or less'
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
index aeaa1f058..b69b5cd7a 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = medium
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
index ab89b277a..f4a7c33a9 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
DIRS="/bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin /usr/libexec"
for dirPath in $DIRS; do
find "$dirPath" -perm /022 -exec chmod go-w '{}' \;
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
index 662778c70..0ee65e6c2 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: |-
Verify the system-wide library files in directories
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
index 5356d3742..a85c88001 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/correct_groupowner.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
for SYSLIBDIRS in /lib /lib64 /usr/lib /usr/lib64
do
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
index 7352b60aa..fc84e065c 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/root_permissions_syslibrary_files/tests/incorrect_groupowner.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_rhel,multi_platform_fedora,multi_platform_ubuntu
+# platform = multi_platform_sle,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ubuntu
groupadd group_test
for TESTFILE in /lib/test_me /lib64/test_me /usr/lib/test_me /usr/lib64/test_me
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_fifos/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_fifos/rule.yml
index 3e8908c8a..130a99b34 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_fifos/rule.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_fifos/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'Enable Kernel Parameter to Enforce DAC on FIFOs'
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
index b0d594003..4a71eccda 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_hardlinks/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_regular/rule.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_regular/rule.yml
index 39d81abf4..3199439c2 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_regular/rule.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_regular/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel9
+prodtype: fedora,rhel9,almalinux9
title: 'Enable Kernel Parameter to Enforce DAC on Regular files'
diff --git a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
index 5ce0decba..b7a4243e4 100644
--- a/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/files/sysctl_fs_protected_symlinks/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
index 664c7364e..bbe384ab1 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_cramfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of cramfs'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml
index ce22f6058..eb05edc24 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_freevxfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of freevxfs'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml
index ec81e6f9a..d6901bd9c 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of hfs'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml
index f6080cd7b..04c8acb06 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_hfsplus_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of hfsplus'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml
index b311a36be..bb5cdaac4 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_jffs2_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of jffs2'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
index 67bc619a3..63fad6c98 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_squashfs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Disable Mounting of squashfs'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml
index f36e2b226..4bcb148fb 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_udf_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Disable Mounting of udf'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
index 144d855a0..f34a4fa4f 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Modprobe Loading of USB Storage Driver'
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml
index 3eb2828f6..5f05f9480 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_vfat_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Disable Mounting of vFAT filesystems'
diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml
index 41352695f..8b69802ab 100644
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
index 27f23dd29..e3449671c 100644
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204,uos20
title: 'Disable the Automounter'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
index c6901e86d..edc580c6e 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_efi_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,rhel8,rhel9
+prodtype: ol8,rhel8,rhel9,almalinux9
title: 'Add nosuid Option to /boot/efi'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml
index e3d538abf..82685e46e 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_noauto/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Add noauto Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
index 9ac722d0e..a16bac464 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Add nodev Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml
index 56a22ce45..0412db1ee 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Add noexec Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
index 583dd2b60..685116ad1 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_boot_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Add nosuid Option to /boot'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
index ea5701f9b..300331de2 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add noexec Option to /dev/shm'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml
index dfc449d17..9b76163ce 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_grpquota/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Add grpquota Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
index d454139b4..7a8beb2c1 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nodev Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
index bee3a60e8..392ea6217 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Add noexec Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
index 5e42ac0a7..4dddea527 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2204
title: 'Add nosuid Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml
index 86536b375..48d19ff8b 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_home_usrquota/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Add usrquota Option to /home'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
index a22d24b1a..8db0376d3 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Add nodev Option to Non-Root Local Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
index d06852da9..7dab4e0c2 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1804
title: 'Add nodev Option to Removable Media Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
index 75934b9d7..7b15278f3 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1804
title: 'Add noexec Option to Removable Media Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
index 2ae9f064c..e83e27ae5 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_nosuid_removable_partitions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1804
title: 'Add nosuid Option to Removable Media Partitions'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml
index b7ec9c569..f5daeed49 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_opt_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Add nosuid Option to /opt'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml
index a85e9d12c..b6b926251 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_proc_hidepid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9
title: 'Add hidepid Option to /proc'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml
index 5ff970bd7..70cfb541f 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_srv_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Add nosuid Option to /srv'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
index 105a4549d..78363f750 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nodev Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
index d4105fd2b..6a873abd9 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Add noexec Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
index e8f8b86b6..b449266f8 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_tmp_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nosuid Option to /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
index 844f31d18..2c5607901 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Add nodev Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
index f5c55f7d4..2f969b513 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Add noexec Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
index 38c807ee5..59eb94efd 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_audit_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Add nosuid Option to /var/log/audit'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
index b59aeba7f..464f2e2bb 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Add nodev Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
index e3885b497..1a0629c46 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Add noexec Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
index c46396311..f000bd827 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_log_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Add nosuid Option to /var/log'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
index d2723fd05..fa99b9edc 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Add nodev Option to /var'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml
index d617a3b2e..9db79d8b1 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Add noexec Option to /var'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
index 09646acc0..ea3356629 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Add nosuid Option to /var'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
index 59e39270d..5c154d333 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# Delete particular /etc/fstab's row if /var/tmp is already configured to
# represent a mount point (for some device or filesystem other than /tmp)
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml
index 0d5c5a8c2..04578b145 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_bind/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Bind Mount /var/tmp To /tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
index 0496b5523..c9f255adc 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nodev/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nodev Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
index 355ed84dd..2d6d50493 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_noexec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add noexec Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
index 6a5862650..7cfc53ea6 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_var_tmp_nosuid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Add nosuid Option to /var/tmp'
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
index d94802273..554e34e00 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_backtraces/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
index d94802273..554e34e00 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/coredump_disable_storage/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
index 32651fa92..b68ea1c66 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
+# platform = Red Hat Virtualization 4,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_sle,multi_platform_ubuntu
SECURITY_LIMITS_FILE="/etc/security/limits.conf"
if grep -qE '^\s*\*\s+hard\s+core' $SECURITY_LIMITS_FILE; then
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
index 41cbd1197..481afa583 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
index 4de1534fb..4f7474688 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/disable_users_coredumps/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable Core Dumps for All Users'
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
index 6d62d139a..4c717b72f 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/service_systemd-coredump_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable acquiring, saving, and processing core dumps'
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
index 461484337..34a311d57 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Enable ExecShield via sysctl'
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
index 415b0486d..02b1e991a 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
index 70189666c..22f9e966b 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
index 209395fa9..23cce30a8 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/tests/value_2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
index 7a4c107b2..22e209120 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
index 9bc399fc3..baf960e8a 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable NX or XD Support in the BIOS'
diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
index 6d87da5f2..021acd31f 100755
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/correct_value.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
cp /proc/cpuinfo /tmp/cpuinfo
diff --git a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
index 3260539b3..29d22d491 100755
--- a/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/tests/wrong_value.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
cp /proc/cpuinfo /tmp/cpuinfo
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
index 78c982211..b2c427397 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Enable page allocator poisoning'
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
index ea3560cec..e802f057e 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Enable SLUB/SLAB allocator poisoning'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
index 88c683445..fa9b2020d 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
index e36985406..d42de7a55 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable storing core dumps'
@@ -13,7 +13,7 @@ rationale: |-
severity: medium
-{{% if product in ["rhel9"] %}}
+{{% if product in ["rhel9", "almalinux9"] %}}
conflicts:
- sysctl_kernel_core_pattern_empty_string
{{% endif %}}
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern_empty_string/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern_empty_string/rule.yml
index 2babb28e3..bf1cca4bf 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern_empty_string/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern_empty_string/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Disable storing core dumps'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml
index 8f51f97c1..93f9398c5 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_uses_pid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Configure file name of core dumps'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
index 36e025cc3..e97acde11 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
index b7acaf128..ada8a741a 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Restrict Access to Kernel Message Buffer'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
index 505b3c12b..cdf18e6dd 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
index 4e68361c2..cb1900aca 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9
title: 'Disable Kernel Image Loading'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml
index 7ddced284..1c3efcaf1 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_modules_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disable loading and unloading of kernel modules'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml
index 6accbf9b0..1406632df 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_cpu_time_max_percent/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Limit CPU consumption of the Perf system'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml
index a5f2dda78..2df07bb40 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_max_sample_rate/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Limit sampling frequency of the Perf system'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
index 0541e59a7..50020c28c 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
index a39ff72ee..855c75717 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_perf_event_paranoid/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disallow kernel profiling by unprivileged users'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml
index 939a02998..5983ef6b2 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_pid_max/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure maximum number of process identifiers'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml
index bf2e14302..0352b6b93 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Disallow magic SysRq key'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
index 2e24d9211..7b706bb32 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
index ca51c5534..e563cdfbc 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable Access to Network bpf() Syscall From Unprivileged Processes'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/rule.yml
index 259d1f901..86446d15d 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel9
+prodtype: rhel9,almalinux9
title: 'Disable Access to Network bpf() Syscall From Unprivileged Processes'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh
index b9776227b..f58a7ac92 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
index 9f19e0140..b6f94e4b3 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
index e976db594..073e9fdaf 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
index b1537175e..d1f7474e9 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9
# Clean sysctl config directories
rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
index ceafd4839..7006e2066 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
index e03106c01..d63d41401 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Restrict usage of ptrace to descendant processes'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
index 7519b7740..af6c30abd 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhcos,multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
index 323fef1e6..7bd70d304 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_net_core_bpf_jit_harden/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Harden the operation of the BPF just-in-time compiler'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
index fdd4fb83e..3274d5b36 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
spec:
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
index 2932ebe23..61abbf26b 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_user_max_user_namespaces/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9
title: 'Disable the use of user namespaces'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml
index ba7269b99..f37e0f6f3 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_vm_mmap_min_addr/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Prevent applications from mapping low portion of virtual memory'
diff --git a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml
index cd65b5921..d8c613625 100644
--- a/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml
+++ b/linux_os/guide/system/selinux/coreos_enable_selinux_kernel_argument/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Ensure SELinux Not Disabled in the kernel arguments'
diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
index 4be24a89d..76c0cc6df 100644
--- a/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
index 735354a2d..0c13b196e 100644
--- a/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_fedora,multi_platform_ol,SUSE Linux Enterprise 15
sed -i --follow-symlinks "s/selinux=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/*
sed -i --follow-symlinks "s/enforcing=0//gI" /etc/default/grub /etc/grub2.cfg /etc/grub.d/*
diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
index 5c94eafa2..96a748fa4 100644
--- a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Ensure SELinux Not Disabled in /etc/default/grub'
diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
index 622ccb2a2..e71313e56 100644
--- a/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Install libselinux Package'
diff --git a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
index 2520d3dcc..ed0bc9538 100644
--- a/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
+++ b/linux_os/guide/system/selinux/package_libselinux_installed/tests/custom-package-removed.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
# Package libselinux cannot be uninstalled normally
# as it would cause removal of sudo package which is
diff --git a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
index f11bd265b..928f39221 100644
--- a/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
+++ b/linux_os/guide/system/selinux/package_mcstrans_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,sle15
+prodtype: alinux2,alinux3,fedora,rhel7,rhel8,rhel9,almalinux9,sle15
title: 'Uninstall mcstrans Package'
diff --git a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
index eb5f39b45..9cadeabd0 100644
--- a/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_policycoreutils-python-utils_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Install policycoreutils-python-utils package'
diff --git a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
index 71e5c70a6..d73fc1ca8 100644
--- a/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
+++ b/linux_os/guide/system/selinux/package_policycoreutils_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install policycoreutils Package'
diff --git a/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml
index d43a519f7..1fe6ae09b 100644
--- a/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml
+++ b/linux_os/guide/system/selinux/package_setroubleshoot-plugins_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Uninstall setroubleshoot-plugins Package'
diff --git a/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml
index 3c1fddd4b..424049eeb 100644
--- a/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml
+++ b/linux_os/guide/system/selinux/package_setroubleshoot-server_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Uninstall setroubleshoot-server Package'
diff --git a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
index f8852e965..5f332e8fb 100644
--- a/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
+++ b/linux_os/guide/system/selinux/package_setroubleshoot_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Uninstall setroubleshoot Package'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml
index 9059fdf0f..8c87bfe01 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_can_scan_system/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the antivirus_can_scan_system SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml
index ebbce6ed1..2ebde0a58 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_antivirus_use_jit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the antivirus_use_jit SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml
index ad4e91f50..cb17fe2bb 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_auditadm_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the auditadm_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
index 1de5f715d..fe6aca545 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_nsswitch_use_ldap/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the authlogin_nsswitch_use_ldap SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
index 57cb33c8d..75eefb4b0 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_radius/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the authlogin_radius SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
index fc7a57709..f49db4aff 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_authlogin_yubikey/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the authlogin_yubikey SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
index e6c6bbe3b..0de55d557 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_awstats_purge_apache_log_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the awstats_purge_apache_log_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
index 8cba7a6c1..fe2513767 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_boinc_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the boinc_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
index 6d1ab1fb9..fd1b70098 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cdrecord_read_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cdrecord_read_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
index d38be9368..ed587e35f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cluster_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
index a6558b754..8e5544724 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_manage_all_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cluster_manage_all_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
index 4dba59fcc..abb6956ea 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cluster_use_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cluster_use_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
index 9c4052419..909996efd 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cobbler_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
index 96c0e2564..ddfb9c7ee 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cobbler_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
index 93bdc97c0..953451b88 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cobbler_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
index a7d6e9e76..f8ab9378d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cobbler_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cobbler_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
index d2c8b686a..c68bf9083 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_collectd_tcp_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the collectd_tcp_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
index 1f5602853..6f9d60a99 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_condor_tcp_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the condor_tcp_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
index c880bf747..1ccfe15a1 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_conman_can_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the conman_can_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
index e9051bb95..3c18677ab 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_container_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the container_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
index f01af3d61..24a52cd64 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_can_relabel/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the cron_can_relabel SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
index c1d20f8e7..ac0e0def6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_system_cronjob_use_shares/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the cron_system_cronjob_use_shares SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
index f4daf0a69..aab6e8f86 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cron_userdomain_transition/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the cron_userdomain_transition SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
index d1d7ded60..a505ee037 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cups_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cups_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
index af5727d6e..9716421dc 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_cvs_read_shadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the cvs_read_shadow SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
index e2f136bf0..0f05a756d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_dump_core/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the daemons_dump_core SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
index 07ef43204..2ed8dac45 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_enable_cluster_mode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the daemons_enable_cluster_mode SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
index f84422911..275327d12 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tcp_wrapper/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the daemons_use_tcp_wrapper SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
index 02622dcd4..61796c923 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_daemons_use_tty/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the daemons_use_tty SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
index c75cce8ad..1e6098c3b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the dbadm_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
index 2b9a11bad..218512e69 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_manage_user_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the dbadm_manage_user_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
index 707d71132..02def382c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dbadm_read_user_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the dbadm_read_user_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
index cc97623af..76697fe83 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure the deny_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
index 89693152e..a50551701 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_deny_ptrace/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the deny_ptrace SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
index 9b4bfe10d..372c9ba3d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpc_exec_iptables/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the dhcpc_exec_iptables SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
index 75f044c45..cc399eac6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_dhcpd_use_ldap/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the dhcpd_use_ldap SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
index 5afdc364c..70893487f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_fd_use/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the domain_fd_use SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
index 90f835f04..f3d8593b5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_domain_kernel_load_modules/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the domain_kernel_load_modules SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
index 2c75b1176..8a7df966c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_entropyd_use_audio/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the entropyd_use_audio SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
index 12305e08a..27716b9e7 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_can_connect_db/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the exim_can_connect_db SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
index 2d54130dd..e5c9af8eb 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_manage_user_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the exim_manage_user_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
index b240c1161..8f10bb007 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_exim_read_user_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the exim_read_user_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
index 9b3cf7564..c6a32cf13 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fcron_crond/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the fcron_crond SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
index 1f71bedb2..79ca65b59 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the fenced_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
index cac41de7b..4068f9e31 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fenced_can_ssh/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the fenced_can_ssh SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
index 57686707b..0509cf9fd 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_fips_mode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the fips_mode SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
index dbf31b534..2575707e6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
index 579ac3f59..0f236f9ab 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_all_unreserved/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_connect_all_unreserved SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
index f2d973bab..98afe6461 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_connect_db/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_connect_db SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
index cf9e78266..8bb6ba215 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_full_access/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_full_access SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
index 14b1f7526..797f97e83 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
index 6cb9d9df4..51264cf58 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_use_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
index 4035d4f83..97459b4e4 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
index c12360649..6ac9c113e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ftpd_use_passive_mode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ftpd_use_passive_mode SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
index 47e9b420c..c9c17dfc6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_enable_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_cgi_enable_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
index ca5a2bcdf..c21011bb3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_cgi_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
index f8b5c912a..fb4381750 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_cgi_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_cgi_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
index 8dffa1dd3..cfe12f9fb 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_bind_all_unreserved_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_session_bind_all_unreserved_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
index f4dca61aa..bcaaf61a6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_session_users/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_session_users SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
index 170fcfdfd..04b0c266d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_enable_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_system_enable_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml
index c46e622e3..83eb41bc8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_system_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml
index b149744b9..bf6b24a90 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_git_system_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the git_system_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml
index 2fa3db75f..28827adfb 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gitosis_can_sendmail/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the gitosis_can_sendmail SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml
index f83249183..bd532ae61 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_api_can_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the glance_api_can_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml
index ee835d3e6..a36f67d8a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the glance_use_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml
index 70546358d..1db3f82da 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_glance_use_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the glance_use_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml
index 12cb7bdcd..a6468f011 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_global_ssp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the global_ssp SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml
index 19903fc98..1b2d7d37c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the gluster_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml
index c586752c0..78ed96d12 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_ro/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the gluster_export_all_ro SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml
index 953d6f515..b1c55efe5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gluster_export_all_rw/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Configure the gluster_export_all_rw SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml
index d5d68c103..632263199 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gpg_web_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the gpg_web_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml
index 9cf94d269..0dd9c4c09 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_gssd_read_tmp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the gssd_read_tmp SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml
index d889a510c..baf11579d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_guest_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the guest_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml
index f5e5a38ea..33602565d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_haproxy_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the haproxy_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml
index 7ac8bcaca..7e95a9cf7 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml
index 9d1fbe439..683d55380 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_builtin_scripting/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Configure the httpd_builtin_scripting SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml
index f08b0711b..0409a6b7f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_check_spam/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_check_spam SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml
index 6511bfe2c..ec0dde96f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ftp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_connect_ftp SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml
index 9d088182d..1f3027802 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_ldap/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_connect_ldap SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml
index fe8400ee8..ca2115fb3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_mythtv/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_connect_mythtv SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml
index d82826068..181e1de9d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_connect_zabbix/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_connect_zabbix SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml
index 51f2d075d..4ebb1b8c9 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml
index 04ffe7de1..9e47001ce 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_cobbler/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_network_connect_cobbler SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml
index 38b2cbfe4..91af7c33b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_connect_db/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_network_connect_db SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml
index d844dcdb3..0823b645a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_memcache/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_network_memcache SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml
index bff3c8cef..2607875f9 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_network_relay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_network_relay SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml
index 8d73dd264..9d3aef316 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_can_sendmail/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_can_sendmail SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml
index 3cfbca8a6..a9d6863a6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_avahi/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_dbus_avahi SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml
index da62291cf..93fcb742c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dbus_sssd/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_dbus_sssd SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml
index dc9651f93..30fe62db9 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_dontaudit_search_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_dontaudit_search_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml
index 63eb6e1e9..3e8b35577 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_cgi/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Configure the httpd_enable_cgi SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml
index 677ed3ce7..0ffe70487 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_ftp_server/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_enable_ftp_server SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml
index a2b052311..f8ed5f620 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_enable_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_enable_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml
index ee05eba77..d249a49ff 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml
index b5a42076c..6dcf30191 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_graceful_shutdown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the httpd_graceful_shutdown SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml
index d8453a7d0..5216f5921 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_manage_ipa/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_manage_ipa SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml
index 0b2ad316e..a4d73e50a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_ntlm_winbind/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_mod_auth_ntlm_winbind SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml
index eaf8ea4de..716aca495 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_mod_auth_pam/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_mod_auth_pam SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml
index e258ff541..6030e8ed3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_read_user_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_read_user_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml
index d8b3f4e6c..1acc360f3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_ipa/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_run_ipa SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml
index 413472cbb..63fda6cde 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_preupgrade/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_run_preupgrade SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml
index 4cc542849..094a31d77 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_run_stickshift/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_run_stickshift SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml
index 27a979c82..cf14e7461 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_serve_cobbler_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_serve_cobbler_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml
index e09231f7a..c5a210270 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_setrlimit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_setrlimit SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml
index 81ee37989..2959a886a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_ssi_exec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_ssi_exec SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml
index 61140b8d5..afe68c7c1 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_sys_script_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_sys_script_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml
index ad6c2ea72..9709e4220 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tmp_exec/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_tmp_exec SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml
index 12b4dcc14..2217448a2 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_tty_comm/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_tty_comm SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml
index ffcda8a2b..4e2d85a20 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_unified/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_unified SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml
index 4a5c7bdc1..4c108c159 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml
index 79c4149f4..90e1e61fe 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_use_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml
index d022811e8..5145fb036 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_gpg/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_use_gpg SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml
index 4080ca052..89d98670d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml
index dbbb07cfe..3993dc8b2 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_openstack/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_use_openstack SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml
index fe0840e27..50e775806 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_use_sasl/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_use_sasl SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml
index 61def0aac..51cc4240f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_httpd_verify_dns/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the httpd_verify_dns SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml
index 724cbbce6..1f273623e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_icecast_use_any_tcp_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the icecast_use_any_tcp_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
index a7da73c3e..f2a42a61d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_irc_use_any_tcp_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the irc_use_any_tcp_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
index d82f9ff24..5962ef563 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_irssi_use_full_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the irssi_use_full_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
index fdb0a982d..63764f26f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_kdumpgui_run_bootloader/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the kdumpgui_run_bootloader SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
index 37235acc6..32e39027e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_kerberos_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the kerberos_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
index eb32deaf5..a4ff48f76 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ksmtuned_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
index 86376cba8..b172ec907 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ksmtuned_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the ksmtuned_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
index 5b5dd95a9..e68d0977c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logadm_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the logadm_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
index b515961c1..8d3f7cbb8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_can_sendmail/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the logging_syslogd_can_sendmail SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
index 3c520540b..5a35e816e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_run_nagios_plugins/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the logging_syslogd_run_nagios_plugins SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
index 7b90abe8a..497733325 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logging_syslogd_use_tty/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the logging_syslogd_use_tty SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
index 3112822f5..0b3406a47 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_login_console_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the login_console_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
index 8e3277728..46cd60a74 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logrotate_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the logrotate_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
index d5e181b98..fb6c89623 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_logwatch_can_network_connect_mail/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the logwatch_can_network_connect_mail SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
index 4d3c78388..0cc6a3ae7 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_lsmd_plugin_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the lsmd_plugin_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
index 6dfb2e01a..3e3df0516 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mailman_use_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mailman_use_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
index d235fe6f6..17e6ca07d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_client/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mcelog_client SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
index 46c9d61a1..b45fceb44 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_exec_scripts/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the mcelog_exec_scripts SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
index 807579406..8246c4d29 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_foreground/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mcelog_foreground SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
index 48cc45cbc..736048168 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mcelog_server/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mcelog_server SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
index 040edc1fb..afabbb612 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_minidlna_read_generic_user_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the minidlna_read_generic_user_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
index 9429d9431..156742e31 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mmap_low_allowed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the mmap_low_allowed SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
index 7f95fd02d..38a7b28f0 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mock_enable_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the mock_enable_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
index 3fa8cfdf0..bde8e8db8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mount_anyfile/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the mount_anyfile SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
index a461e3018..af3350b50 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_bind_unreserved_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mozilla_plugin_bind_unreserved_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
index b544dd129..06935eb0c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mozilla_plugin_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
index 878c10bd9..bf7d76076 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_bluejeans/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mozilla_plugin_use_bluejeans SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
index eba60ff34..6a8f56f01 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_gps/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mozilla_plugin_use_gps SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
index a5655a348..5de394a40 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_plugin_use_spice/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mozilla_plugin_use_spice SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
index 8d8407db2..46e27563d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mozilla_read_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mozilla_read_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
index db538e06f..259574009 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_enable_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mpd_enable_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
index 5bff3c990..6d506c62f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mpd_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
index 97140465f..660abd3a9 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mpd_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mpd_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
index bb5e59484..28cb5c61a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mplayer_execstack/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mplayer_execstack SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
index 98a1ebcf9..b2abe005f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_mysql_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the mysql_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
index 70347807f..eb678c12b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_pnp4nagios/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the nagios_run_pnp4nagios SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
index 489a099a9..40ae1a430 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nagios_run_sudo/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the nagios_run_sudo SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
index a51fbbeac..f75222869 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_tcp_bind_http_port/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the named_tcp_bind_http_port SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
index c9d54a988..f76af6b67 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_named_write_master_zones/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the named_write_master_zones SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
index b543c7330..30ee879c4 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_neutron_can_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the neutron_can_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
index c0718a62c..c12b446f1 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_ro/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the nfs_export_all_ro SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
index 0355bad7c..3295527de 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfs_export_all_rw/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the nfs_export_all_rw SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
index 8d21a80bb..7e6f439b6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nfsd_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the nfsd_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
index 9ae527eef..792a6b817 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nis_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the nis_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
index 2223ef849..6f1906d11 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_nscd_use_shm/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the nscd_use_shm SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
index 1c4fa8c18..f212384c5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openshift_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the openshift_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
index affa929a5..9888521be 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the openvpn_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
index 425be626d..220c5faa5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_enable_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the openvpn_enable_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
index 8ebfe5426..1aacfbe9b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_openvpn_run_unconfined/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the openvpn_run_unconfined SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
index c1a13523f..e5c5437ec 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_bind_all_unreserved_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the pcp_bind_all_unreserved_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
index 9f902520a..62cb90544 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pcp_read_generic_logs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the pcp_read_generic_logs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
index bf1ea51c4..214b49163 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_piranha_lvs_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the piranha_lvs_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
index 7e628966d..a58258b0e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_connect_all_unreserved/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the polipo_connect_all_unreserved SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
index fa974402e..1ed8e6279 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_bind_all_unreserved_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the polipo_session_bind_all_unreserved_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
index f2f93ba30..28ef12d05 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_session_users/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the polipo_session_users SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
index 0f0fe5d6c..7a5a8e9ea 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_cifs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the polipo_use_cifs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
index 1c1d302e5..908605bd9 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polipo_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the polipo_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
index 29a752033..8d6d107dc 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_polyinstantiation_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure the polyinstantiation_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
index 1c0612800..c138f89cf 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postfix_local_write_mail_spool/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the postfix_local_write_mail_spool SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
index 2d4f2e59f..9b0ab797a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_can_rsync/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the postgresql_can_rsync SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
index f7fdf042b..90116430e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_transmit_client_label/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the postgresql_selinux_transmit_client_label SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
index e4e888a81..a266c60d5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_unconfined_dbadm/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the postgresql_selinux_unconfined_dbadm SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
index 215daf937..8ed6eb0f3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_postgresql_selinux_users_ddl/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the postgresql_selinux_users_ddl SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
index 9ff991731..c13494ff4 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_can_insmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the pppd_can_insmod SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml
index ef5d648f7..ae0700da0 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_pppd_for_user/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the pppd_for_user SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml
index b9f049901..883e4dd32 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_privoxy_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the privoxy_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml
index ec8fa105b..f05a79bf1 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_prosody_bind_http_port/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the prosody_bind_http_port SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml
index ce7bc2f5f..39bf213f1 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetagent_manage_all_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the puppetagent_manage_all_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml
index 894fed16b..ae9650af8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_puppetmaster_use_db/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the puppetmaster_use_db SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml
index 2cae0d28b..7f2ed3210 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_racoon_read_shadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the racoon_read_shadow SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml
index 8720c0306..11a61d7be 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the rsync_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml
index 588788376..830f4e05a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_client/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the rsync_client SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml
index 154646cfa..7918c93e5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_export_all_ro/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the rsync_export_all_ro SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml
index 832dfa25a..1a4cdf4e2 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_rsync_full_access/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the rsync_full_access SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml
index 85b65a88f..a504df612 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_create_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_create_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml
index c67f1f86c..c5735d760 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_domain_controller/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_domain_controller SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml
index 1698ed1d4..633c887bf 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_enable_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_enable_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml
index 9a21f5f63..fcf57ba01 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_ro/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_export_all_ro SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml
index fd52c836b..55af70a0e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_export_all_rw/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_export_all_rw SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml
index 826beddf1..230f1afcf 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_load_libgfapi/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_load_libgfapi SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml
index d901e6866..b0a21c062 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_portmapper/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_portmapper SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml
index c409c6bb0..36a390635 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_run_unconfined/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_run_unconfined SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml
index cc2efcfb9..83fbcd128 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_share_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml
index 085f7118f..fd199098f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_samba_share_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the samba_share_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml
index 074280640..4d4a616b2 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the sanlock_use_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml
index c1a64ba85..839a502bd 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the sanlock_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml
index c413f111f..798d19ee6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sanlock_use_samba/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the sanlock_use_samba SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml
index f0d4bbc9b..f250e7a1d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_saslauthd_read_shadow/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the saslauthd_read_shadow SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml
index d781baab8..29197b2b0 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secadm_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the secadm_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
index 36c8756dd..29a33a738 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the secure_mode SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
index 17babc7f3..5535c3637 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_insmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure the secure_mode_insmod SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml
index 062b9686f..829b39073 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_secure_mode_policyload/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the secure_mode_policyload SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml
index 7e58c5f26..53edcf951 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_direct_dri_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Configure the selinuxuser_direct_dri_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
index e2bb4d6cf..f694419c8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Disable the selinuxuser_execheap SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
index 46f76ce22..9aed537c3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Enable the selinuxuser_execmod SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
index 446c8225b..3fef4a858 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Disable the selinuxuser_execstack SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml
index 88a2a92d6..b238e78f4 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_mysql_connect_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_mysql_connect_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml
index 79b96246b..21b5d26ee 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_ping/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the selinuxuser_ping SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml
index 6d70e9d53..b0ebf970f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_postgresql_connect_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_postgresql_connect_enabled SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml
index 7092bbffc..fa8798b7b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_rw_noexattrfile/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_rw_noexattrfile SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml
index fb492e6d3..136ac7f72 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_share_music/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_share_music SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml
index 3dcf75440..014cc6501 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_tcp_server/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_tcp_server SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml
index 89bb3dc5e..0fa91f4df 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_udp_server/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_udp_server SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml
index 518bd1745..3bb6cdf97 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_use_ssh_chroot/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the selinuxuser_use_ssh_chroot SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml
index 17054b75b..98f00b4da 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_domain_can_network_connect/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the sge_domain_can_network_connect SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml
index df44870be..f8d8c50d7 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sge_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the sge_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
index 03a20026b..4f2841ef6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_smartmon_3ware/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the smartmon_3ware SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
index a597045a1..d1e0e1a65 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_smbd_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the smbd_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
index 04514bdec..61c0e9f94 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamassassin_can_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the spamassassin_can_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
index 3f743cbf1..21caa6b86 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_spamd_enable_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the spamd_enable_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
index ec5c45e7e..92fc9bb19 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the squid_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
index dd156deb2..e08c8d5cc 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_squid_use_tproxy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the squid_use_tproxy SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
index df38b35f8..f903835c7 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_chroot_rw_homedirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the ssh_chroot_rw_homedirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
index 60b99ed0a..f9e5f1792 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_keysign/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the ssh_keysign SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
index 79b12b381..7bd1b3078 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_ssh_sysadm_login/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Disable the ssh_sysadm_login SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
index 2292c61e9..b82a62473 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the staff_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
index 4cb6582d4..2b16a69f2 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_staff_use_svirt/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the staff_use_svirt SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
index 60ac4523f..78ecd5ab6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_swift_can_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the swift_can_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
index 0fc83bc14..7c540e298 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_sysadm_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the sysadm_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
index d4d469d26..a68b4768c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_connect_all_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the telepathy_connect_all_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
index 1321809ab..efc179025 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_telepathy_tcp_connect_generic_network_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the telepathy_tcp_connect_generic_network_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
index 7d8a2cc23..ae954e3c6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the tftp_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
index 9b553ff79..e1fe061d2 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tftp_home_dir/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the tftp_home_dir SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
index 1d6ea593c..d157d6225 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the tmpreaper_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
index 0981d8bb7..e23d3a512 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tmpreaper_use_samba/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the tmpreaper_use_samba SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
index df86f4519..524358bf4 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_bind_all_unreserved_ports/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the tor_bind_all_unreserved_ports SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
index 86e08e388..d572a7ce6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_tor_can_network_relay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the tor_can_network_relay SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
index f0556d174..cc9bd3320 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_chrome_sandbox_transition/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the unconfined_chrome_sandbox_transition SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
index 839767ab2..d99e0b5f6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_login/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the unconfined_login SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
index d8f69ced2..d0b2c3436 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unconfined_mozilla_plugin_transition/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the unconfined_mozilla_plugin_transition SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
index b9ea2bbe1..3a0c854f5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_unprivuser_use_svirt/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the unprivuser_use_svirt SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
index 74b827fc1..d88ee8e08 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_ecryptfs_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the use_ecryptfs_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
index 0b74be730..d14176edf 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_fusefs_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the use_fusefs_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
index ec79d2ec8..58afa0a4a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_lpd_server/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the use_lpd_server SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
index fdfad24e7..bbf63d1b0 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_nfs_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the use_nfs_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
index 4da19ea45..889ac06ad 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_use_samba_home_dirs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the use_samba_home_dirs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
index 2ba42daf6..48d888b1d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_user_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Enable the user_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
index 0b2097dc3..cb8301099 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_varnishd_connect_any/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the varnishd_connect_any SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
index 7899bd3b7..1f845aae6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_read_qemu_ga_data/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_read_qemu_ga_data SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
index 822b9894f..c2741632b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_rw_qemu_ga_data/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_rw_qemu_ga_data SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
index df5c0c827..a467c1b8f 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_all_caps/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_sandbox_use_all_caps SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
index f0009fe45..4fe4cc33e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_audit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the virt_sandbox_use_audit SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
index 03b024c0e..13c18a91c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_mknod/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_sandbox_use_mknod SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
index 1891511d2..68b1502cf 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_netlink/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_sandbox_use_netlink SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
index b7fcd58a9..25bbba0e5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_sandbox_use_sys_admin/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_sandbox_use_sys_admin SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
index 3a54abbba..16c79c80a 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_transition_userdomain/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_transition_userdomain SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
index bef0f9a8f..c1b60f1d1 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_comm/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_comm SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
index b4c890c43..403009c23 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
index f92f814f0..80087403d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_fusefs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_fusefs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
index 7db9e5b36..5a80e646c 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
index ea059d549..3fb4e8cfc 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_rawip/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_rawip SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
index bd6cccac2..47238cac8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_samba/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_samba SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
index 7db733fe8..daa451b3e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_sanlock/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_sanlock SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
index bc2e3350b..41f4e8f12 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_usb/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_usb SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
index 8420fe493..aaf8d58ae 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_virt_use_xserver/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the virt_use_xserver SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
index 3d69f6b2a..92f3e0687 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_manage_user_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the webadm_manage_user_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
index c8859dd0e..3dca80669 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_webadm_read_user_files/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the webadm_read_user_files SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
index 46ea5e901..dbde677d8 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_wine_mmap_zero_ignore/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the wine_mmap_zero_ignore SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
index 456b95fa5..ee18f1f82 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_bind_vnc_tcp_port/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xdm_bind_vnc_tcp_port SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
index 0e2d6630e..0c9aff073 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_exec_bootloader/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xdm_exec_bootloader SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
index 5c7983247..7ea74f6c0 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_sysadm_login/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xdm_sysadm_login SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
index 1231f32f4..24ea4078d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xdm_write_home/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xdm_write_home SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
index 38ff90e0a..f6a3acf5d 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xen_use_nfs/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the xen_use_nfs SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
index 9bd435159..be5c8719e 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_blktap/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the xend_run_blktap SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
index 1faef3c80..43ae6c7c6 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xend_run_qemu/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Enable the xend_run_qemu SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
index 13fc1d0ad..a8764ac4b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_connect_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xguest_connect_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
index fa2c6693c..e098da1d3 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_exec_content/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xguest_exec_content SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
index 59420f0aa..a8c34a582 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_mount_media/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xguest_mount_media SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
index 7052e9875..ebd8154bc 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xguest_use_bluetooth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xguest_use_bluetooth SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
index aca077be5..dff835dc7 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_clients_write_xshm/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xserver_clients_write_xshm SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
index 393ec2b3b..19df417c5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_execmem/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xserver_execmem SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
index 6f9a0de7f..7a0356a45 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_xserver_object_manager/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Disable the xserver_object_manager SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
index f48eccf14..cc0c46a35 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zabbix_can_network/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the zabbix_can_network SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
index 4775f9297..c36989c4b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zarafa_setrlimit/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the zarafa_setrlimit SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
index ede5e2a43..6d569cd18 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zebra_write_config/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the zebra_write_config SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
index f97013e6c..83c549808 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_anon_write/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the zoneminder_anon_write SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
index dc7b1290a..8b0cc9eff 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_zoneminder_run_sudo/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9
+prodtype: rhel7,rhel8,rhel9,almalinux9
title: 'Disable the zoneminder_run_sudo SELinux Boolean'
diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
index 7065c1eb9..b52751a11 100644
--- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Ensure No Device Files are Unlabeled by SELinux'
diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
index 00cc2ffc2..095d8040f 100644
--- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle15
title: 'Ensure No Daemons are Unconfined by SELinux'
diff --git a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
index fa39b8af6..33e2978d4 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
+++ b/linux_os/guide/system/selinux/selinux_policytype/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
index 0b33e5768..c9b647b8e 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
+++ b/linux_os/guide/system/selinux/selinux_policytype/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
index d84bae70e..b09c1f884 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure SELinux Policy'
diff --git a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
index 3234ef102..9961cbdd9 100644
--- a/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
+++ b/linux_os/guide/system/selinux/selinux_state/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
index 1f458fa5b..3a9811ea3 100644
--- a/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
+++ b/linux_os/guide/system/selinux/selinux_state/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
index d4c211c10..11a0f1318 100644
--- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Map System Users To The Appropriate SELinux Role'
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
index a7b2c5bcc..37bb0c032 100644
--- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Encrypt Partitions'
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
index 65cde9418..a1eebc3cd 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_tmp/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu1804,ubuntu2004,ubuntu2204
title: 'Ensure /var/tmp Located On Separate Partition'
diff --git a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
index 814a0103c..476d0c026 100644
--- a/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/gnome/dconf_db_up_to_date/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Make sure that the dconf databases are up-to-date with regards to respective keyfiles'
diff --git a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
index fd69a8620..6f7601b29 100644
--- a/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
+++ b/linux_os/guide/system/software/gnome/enable_dconf_user_profile/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure GNOME3 DConf User Profile'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
index c3baa1b80..be83f158f 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
index b5bf2b998..ae67a6374 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_restart_shutdown/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Disable the GNOME3 Login Restart and Shutdown Buttons'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
index 917fc7dc4..bc1d7c63c 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
index 50a8651ab..f385e5e0b 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_disable_user_list/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Disable the GNOME3 Login User List'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
index f5d68f1c3..91f02c0d4 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml
index 0e5f22171..6893ab752 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_enable_smartcard_auth/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Enable the GNOME3 Login Smartcard Authentication'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
index 3bdd2128d..4ad458ae9 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_lock_screen_on_smartcard_removal/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Enable the GNOME3 Screen Locking On Smartcard Removal'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
index 45e6c24aa..e06d9600f 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
index baf8f8a1f..5c54b83d8 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Set the GNOME3 Login Number of Failures'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
index 6b19c8138..1f656f5a8 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
index cbfcb9c18..e750aab6e 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Disable GDM Automatic Login'
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
index ef2933c52..0d72f6f65 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
index 0ca67c74a..332a5018a 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_xdmcp/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
index 60417ff4e..0af05e798 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
index f969464a3..cd0b7082f 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Disable GNOME3 Automounting'
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
index ac168ef9f..69ecfa6a7 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
index 429314038..44e8b7dce 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_automount_open/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Disable GNOME3 Automount Opening'
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
index 51e4063c3..3591b7266 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
index b7662be6f..b301fefaa 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_autorun/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Disable GNOME3 Automount running'
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
index 33460b61c..04074e66b 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
index 0ed279aa0..ae74b3460 100644
--- a/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_media_settings/dconf_gnome_disable_thumbnailers/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable All GNOME3 Thumbnailers'
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
index 4e389aa5c..254db9bfe 100644
--- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml
index 87f7c6e9a..9bd4036aa 100644
--- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_create/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable WIFI Network Connection Creation in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
index c3922e5b0..40515598a 100644
--- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml
index af8909aab..52a7ef049 100644
--- a/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_network_settings/dconf_gnome_disable_wifi_notification/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable WIFI Network Notification in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
index 09eed8367..601191b49 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
index ae37afd2e..0f1eea9c7 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle15
title: 'Require Credential Prompting for Remote Access in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
index bf1efbe61..efa5b96a6 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
index 0d7b7c540..94c4e7876 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle15
title: 'Require Encryption for Remote Access in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
index f7c7b4379..95781d5ab 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
index 89d2ecdff..0a2f9fa85 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Enable GNOME3 Screensaver Idle Activation'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
index d3f144c89..ae170b802 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml
index b94df803c..4d2b625f6 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_locked/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure Users Cannot Change GNOME3 Screensaver Idle Activation'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
index 5b08acff4..d1af90b16 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
index 58488e8aa..84c6287bd 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Set GNOME3 Screensaver Inactivity Timeout'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
index 9d034e519..2c45806b4 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
index 99c897f17..96a479d15 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2204
title: 'Set GNOME3 Screensaver Lock Delay After Activation Period'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
index d04e6893f..5b9cba007 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
index 8a86e3806..f412ea1c5 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Enable GNOME3 Screensaver Lock After Idle Period'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
index 34ff91ab3..875abf68d 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
index 92ddf0d12..f8eb67a4c 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_locked/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure Users Cannot Change GNOME3 Screensaver Lock After Idle Period'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
index 4dbe2b3c8..7313b6bcd 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
index 48735e16a..760ddd915 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Implement Blank Screensaver'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
index 606e00c5f..792db4ca4 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
index 9f86c7ede..fffac8eac 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable Full User Name on Splash Shield'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
index ed7d98843..a41cb7151 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
index a1169934f..ca6fbec61 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure Users Cannot Change GNOME3 Screensaver Settings'
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
index aae97c962..18c7ec75f 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
index 762e8c789..42306ba2c 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Ensure Users Cannot Change GNOME3 Session Idle Settings'
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
index 76181547b..eb340cb5b 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
index 1f04e0af0..5b7b4ee65 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_ctrlaltdel_reboot/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Disable Ctrl-Alt-Del Reboot Key Sequence in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
index fa4f578ef..f0d0708d1 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = false
# strategy = unknown
# complexity = low
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml
index faa389c25..027310324 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_geolocation/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable Geolocation in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml
index 7a2e35b8f..81948e7e2 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_power_settings/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9
title: 'Disable Power Settings in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
index 592f85584..218caaa41 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Disable User Administration in GNOME3'
diff --git a/linux_os/guide/system/software/gnome/group.yml b/linux_os/guide/system/software/gnome/group.yml
index c7617bc43..7de8de33c 100644
--- a/linux_os/guide/system/software/gnome/group.yml
+++ b/linux_os/guide/system/software/gnome/group.yml
@@ -12,7 +12,7 @@ description: |-
{{% if 'ol' in product %}}
Oracle Linux Graphical environment.
{{% else %}}
- Red Hat Graphical environment.
+ AlmaLinux Graphical environment.
{{% endif %}}
<br /><br />
For more information on GNOME and the GNOME Project, see <b>{{{ weblink(link="https://www.gnome.org") }}}</b>.
diff --git a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
index 205adaf50..c610627ed 100644
--- a/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
+++ b/linux_os/guide/system/software/gnome/package_gdm_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Remove the GDM Package Group'
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
index d7610c432..20eee3265 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
+prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204
title: 'The Installed Operating System Is FIPS 140-2 Certified'
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
index 16c3847ad..fe79866e1 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml
@@ -4,6 +4,7 @@
The operating system installed on the system is supported by a vendor that provides security patches.
") }}}
<criteria comment="Installed operating system is supported by a vendor" operator="OR">
+ <extend_definition comment="Installed OS is ALMALINUX9" definition_ref="installed_OS_is_almalinux9" />
<extend_definition comment="Installed OS is RHEL7" definition_ref="installed_OS_is_rhel7" />
<extend_definition comment="Installed OS is RHEL8" definition_ref="installed_OS_is_rhel8" />
<extend_definition comment="Installed OS is RHEL9" definition_ref="installed_OS_is_rhel9" />
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
index 234eb42b8..95d0d85aa 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'The Installed Operating System Is Vendor Supported'
@@ -12,6 +12,9 @@ description: |-
{{% elif product in ["sle12", "sle15"] %}}
SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise
vendor, SUSE is responsible for providing security patches.
+{{% elif product == "almalinux9" %}}
+ AlmaLinux is supported by AlmaLinux. As the AlmaLinux
+ vendor, AlmaLinux is responsible for providing security patches.
{{% else %}}
Red Hat Enterprise Linux is supported by Red Hat, Inc. As the Red Hat Enterprise
Linux vendor, Red Hat, Inc. is responsible for providing security patches.
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
index cafd1940a..ad85c5f08 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4,uos20
title: 'Configure BIND to use System Crypto Policy'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
index c7385d2c3..7f6cb14e7 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/absent.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = bind
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
BIND_CONF='/etc/named.conf'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
index b00bbfe21..1769e27e5 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
{{{ bash_package_remove("bind") }}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
index 4f9c749eb..9330f1f53 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/no_config_file.fail.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# packages = bind
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# We don't remediate anything if the config file is missing completely.
# remediation = none
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
index 34a32a73b..05437d75f 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/ok.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = bind
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
BIND_CONF='/etc/named.conf'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
index 290e5fb07..b0643b48a 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/overrides.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = bind
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
BIND_CONF='/etc/named.conf'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
index dd096ab41..b180ed3b3 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/kubernetes/shared.yml
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhcos
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
index d1aec7744..51b86c1eb 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4,sle15,uos20
title: 'Configure System Cryptography Policy'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
index 053093a64..16bdc0272 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/cis_l2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
index b607202c5..175381afb 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = crypto-policies-scripts
# IMPORTANT: This is a false negative scenario.
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
index e5b598342..5608d4124 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = crypto-policies-scripts
update-crypto-policies --set "DEFAULT"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
index 7be3c82f3..96c42acfe 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
index 261dc3f96..2cde26d7d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
index 356aa3ffe..caba47b8c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_policy_file.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
index 06bd713dd..5d4abd801 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
index 56a081eca..aa25f4415 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
index 10cb25593..ff169499c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
index a2107d146..6964ade32 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_e8
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
index b06e035fa..a3c503b8d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_default_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
index 6679f94bd..cc37b1c9d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
index 9461c3ddd..6b048f2f5 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/wrong_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
index 12ca11e55..bcc51e9da 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_gnutls_tls_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,rhel8,rhel9
+prodtype: fedora,ol8,rhel8,rhel9,almalinux9
title: 'Configure GnuTLS library to use DoD-approved TLS Encryption'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
index 094beadb3..4dbc00505 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4,uos20
title: 'Configure Kerberos to use System Crypto Policy'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
index 4834387dc..439e0a768 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_correct_policy.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
rm -f /etc/krb5.conf.d/crypto-policies
ln -s /etc/crypto-policies/back-ends/krb5.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
index 97ccc0590..5c7895552 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_missing_policy.fail.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
rm -f /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
index 4eb5348f2..42201408e 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/tests/kerberos_wrong_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
rm -f /etc/krb5.conf.d/crypto-policies
ln -s /etc/crypto-policies/back-ends/openssh.config /etc/krb5.conf.d/crypto-policies
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
index 5c8655c92..24cdf79db 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Configure Libreswan to use System Crypto Policy'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
index 9379b5ff3..dabf4b06b 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
{{{ bash_package_remove("libreswan") }}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
index 439da4978..927540f2c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_commented.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
index fbc8f1001..ced17d043 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_is_there.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
index 70f822342..c48a70d45 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/line_not_there.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
index 2863c6102..425d537a5 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/wrong_value.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = libreswan
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
cp ipsec.conf /etc
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml
index 3dd7e1ed8..3067ffe9f 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/ansible/shared.yml
@@ -11,7 +11,7 @@
{{%- set openssl_cnf_dir="/etc/pki/tls" %}}
{{% endif %}}
-{{% if product in ["fedora", "ol9", "rhel9"] %}}
+{{% if product in ["fedora", "ol9", "rhel9", "almalinux9"] %}}
{{% set ansible_openssl_include_directive = ".include = /etc/crypto-policies/back-ends/opensslcnf.config" %}}
{{% else %}}
{{% set ansible_openssl_include_directive = ".include /etc/crypto-policies/back-ends/opensslcnf.config" %}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh
index 4e77718c8..d73aa3a79 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/bash/shared.sh
@@ -2,7 +2,7 @@
OPENSSL_CRYPTO_POLICY_SECTION='[ crypto_policy ]'
OPENSSL_CRYPTO_POLICY_SECTION_REGEX='\[\s*crypto_policy\s*\]'
-{{% if product in ["fedora", "ol9", "rhel9"] %}}
+{{% if product in ["fedora", "ol9", "rhel9", "almalinux9"] %}}
OPENSSL_CRYPTO_POLICY_INCLUSION='.include = /etc/crypto-policies/back-ends/opensslcnf.config'
{{% else %}}
OPENSSL_CRYPTO_POLICY_INCLUSION='.include /etc/crypto-policies/back-ends/opensslcnf.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
index 8cf86b739..4d8219512 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Configure OpenSSL library to use System Crypto Policy'
@@ -10,7 +10,7 @@ title: 'Configure OpenSSL library to use System Crypto Policy'
{{%- set openssl_cnf_path="/etc/pki/tls/openssl.cnf" %}}
{{%- endif %}}
-{{% if product in ["fedora", "ol9", "rhel9"] %}}
+{{% if product in ["fedora", "ol9", "rhel9", "almalinux9"] %}}
{{% set include_directive = ".include = /etc/crypto-policies/back-ends/opensslcnf.config" %}}
{{% else %}}
{{% set include_directive = ".include /etc/crypto-policies/back-ends/opensslcnf.config" %}}
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
index 8ccb6cef9..75803a026 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/include_with_equal_sign.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
index edeca90f0..250872dbe 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/nothing.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
index 8c509ef32..cede47573 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/ok.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
index 1c9342e23..836ed61d1 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/section_not_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
index 1b2ea8d80..fcffa0118 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/tests/wrong.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,multi_platform_sle
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_sle
. common.sh
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
index 767481d1e..709402bb7 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_tls_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Configure OpenSSL library to use TLS Encryption'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
index 2373c03c3..a332ccbd8 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Configure SSH to use System Crypto Policy'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
index 96ae6a064..b0a717135 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/absent.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
index 6ab33f749..46f010e8d 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/case_insensitive_present.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
index bcea9badc..24728b674 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/comment.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
index ea6d23ee1..04ec08881 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/no_config_file.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
index a6e7c89da..953ad981c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/tests/overrides.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
#
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
SSH_CONF="/etc/sysconfig/sshd"
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
index 00bbcf955..11cebbaa2 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Configure SSH Client to Use FIPS 140-2 Validated Ciphers: openssh.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
index c4edc79bf..4552f5c15 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Configure SSH Server to Use FIPS 140-2 Validated Ciphers: opensshserver.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
index 8736e39af..f1b8e7bd8 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9
title: 'Configure SSH Client to Use FIPS 140-2 Validated MACs: openssh.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
index f08f120f9..e81ea7532 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_opensshserver_conf_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Configure SSH Server to Use FIPS 140-2 Validated MACs: opensshserver.config'
diff --git a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
index 68dc260a8..c5d2357ad 100644
--- a/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/package_crypto-policies_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol8,ol9,rhel8,rhel9
+prodtype: ol8,ol9,rhel8,rhel9,almalinux9
title: 'Install crypto-policies package'
diff --git a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
index 0447bf2c4..43627ebd3 100644
--- a/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/disable_prelink/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
index a1dbb727a..e35c1dd9b 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Install Intrusion Detection Software'
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
index c0e75cb0b..a152527d2 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/agent_mfetpd_running/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Ensure McAfee Endpoint Security for Linux (ENSL) is running'
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
index ef172b86b..4a8f0f0ce 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/mcafee_security_software/mcafee_endpoint_security_software/package_mcafeetp_installed/rule.yml
@@ -6,7 +6,7 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,ubuntu2004,ubuntu2204
title: 'Install McAfee Endpoint Security for Linux (ENSL)'
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
index 9647791ef..9f70b30d4 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol
# reboot = true
# strategy = restrict
# complexity = medium
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
index 5da0c99e6..57ac7592b 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,Red Hat Virtualization 4
fips-mode-setup --enable
FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
index 62cfc0d6a..38793f1bc 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4
title: "Enable Dracut FIPS Module"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
index 9c232fc94..f3d71ee21 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_missing.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = crypto-policies-scripts
-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
fips-mode-setup --enable
FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
index b92e82236..138d2c997 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
+++ b/linux_os/guide/system/software/integrity/fips/enable_dracut_fips_module/tests/fips_dracut_module_present.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = crypto-policies-scripts
-# platform = multi_platform_rhel,Red Hat Virtualization 4,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,Red Hat Virtualization 4,multi_platform_ol
fips-mode-setup --enable
FIPS_CONF="/etc/dracut.conf.d/40-fips.conf"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
index 3b50e0706..fe102e2f5 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
@@ -68,7 +68,7 @@
<ind:variable_state id="ste_system_crypto_policy_value" version="2"
comment="variable value is set to 'FIPS' or 'FIPS:modifier', where the modifier corresponds
to a crypto policy module that further restricts the modified crypto policy.">
- {{% if product in ["ol9","rhel9"] -%}}
+ {{% if product in ["ol9","rhel9", "almalinux9"] -%}}
<ind:value operation="pattern match" datatype="string">^FIPS(:OSPP)?$</ind:value>
{{%- else %}}
{{# Legacy and more relaxed list of crypto policies that were historically considered
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
index c6e966202..ea9661cc3 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4
title: Enable FIPS Mode
diff --git a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml
index 33841e4d3..3a232595f 100644
--- a/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/etc_system_fips_exists/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4
title: Ensure '/etc/system-fips' exists
diff --git a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
index 2aafe35d7..701a49758 100644
--- a/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/sysctl_crypto_fips_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,ol9,rhcos4,rhel8,rhel9,almalinux9,rhv4
title: "Set kernel parameter 'crypto.fips_enabled' to 1"
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
index 0cdb5d98d..a98b5566c 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
{{{ bash_package_install("aide") }}}
{{% if 'sle' in product %}}
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
index 43e5f16ef..4e70d505a 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Build and Test AIDE Database'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
index 883c40270..496e772c1 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_sle,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
index ea2a1113b..fbc6b9b8a 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_ubuntu,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
index 4d786f01b..0c4189f58 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure AIDE to Verify the Audit Tools'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
index 5f751bee5..2684687ff 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = aide
aide --init
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
index f80f6fd52..3d2bde623 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = aide
declare -a bins
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
index 692a60d0e..50411aad5 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = aide
declare -a bins
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
index 65bf85123..708ef4e4d 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = aide
aide --init
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
index dfa5c1b6c..60ac94141 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
{{{ bash_package_install("aide") }}}
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
index 123e0ebf2..6d707f151 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
@@ -4,7 +4,7 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Configure Periodic Execution of AIDE'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
index 8ba2e2067..eae51324a 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure Notification of Post-AIDE Scan Details'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
index 34a114520..b22a658da 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_ol
+# platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
{{{ bash_package_install("aide") }}}
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
index b6b7b17b2..28010113b 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_use_fips_hashes/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,rhel7,rhel8,rhel9,rhv4
+prodtype: ol7,ol8,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Configure AIDE to Use FIPS 140-2 for Validating Hashes'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
index acf599624..d8d135e23 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure AIDE to Verify Access Control Lists (ACLs)'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
index 161718276..97b2863a4 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Configure AIDE to Verify Extended Attributes'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
index 7cb7eb36d..ffa6a2c4c 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_group_ownership/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol8,ol9,rhel8,rhel9
+prodtype: alinux3,ol8,ol9,rhel8,rhel9,almalinux9
title: Audit Tools Must Be Group-owned by Root
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
index 077a39e0e..e8aedaa82 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol8,ol9,rhel8,rhel9
+prodtype: alinux3,ol8,ol9,rhel8,rhel9,almalinux9
title: Audit Tools Must Be Owned by Root
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
index d31eb6e93..f883d6134 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_permissions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol8,ol9,rhel8,rhel9
+prodtype: alinux3,ol8,ol9,rhel8,rhel9,almalinux9
title: Audit Tools Must Have a Mode of 0755 or Less Permissive
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
index 6e9b2554a..b99d34ef3 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,anolis23,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Install AIDE'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/ansible/shared.yml
index 178a7711a..632e8ff8f 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/ansible/shared.yml
@@ -1,5 +1,5 @@
# and the regex_findall does not filter out configuration files the same as bash remediation does
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = high
@@ -12,7 +12,7 @@
- name: "Set fact: Package manager reinstall command (yum)"
set_fact:
package_manager_reinstall_cmd: yum reinstall -y
- when: (ansible_distribution == "RedHat" or ansible_distribution == "CentOS" or ansible_distribution == "OracleLinux")
+ when: (ansible_distribution == "RedHat" or ansible_distribution == "CentOS" or ansible_distribution == "OracleLinux" or ansible_distribution == "AlmaLinux")
- name: "Set fact: Package manager reinstall command (zypper)"
set_fact:
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/bash/shared.sh
index fe8f7abc1..2e36bd503 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# Find which files have incorrect hash (not in /etc, because of the system related config files) and then get files names
files_with_incorrect_hash="$(rpm -Va --noconfig | grep -E '^..5' | awk '{print $NF}' )"
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
index 1706d789a..ab7f15e2d 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Verify File Hashes with RPM'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/ansible/shared.yml
index 5c39628ff..9aa639575 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_rhv,multi_platform_ol
# reboot = false
# strategy = restrict
# complexity = high
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/bash/shared.sh
index 329a00f56..d3cce1c0c 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = high
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml
index b5b67ae1f..2e806fc04 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_ownership/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux3,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Verify and Correct Ownership with RPM'
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml
index 0bd8e7e8a..25b5bd333 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = high
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh
index 0f791c95e..0efde1682 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = high
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
index 5ba5ce1f0..1ec02d90f 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Verify and Correct File Permissions with RPM'
diff --git a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
index 4652a0922..35e52e971 100644
--- a/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
+++ b/linux_os/guide/system/software/sudo/package_sudo_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Install sudo Package'
diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh
index 21ece11e5..26403c434 100644
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0022_state.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# variables = var_sudo_umask=0027
# Default umask is not explicitly set and has value 0022
diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh
index c01587242..de0605d2d 100644
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_0027_state.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# variables = var_sudo_umask=0027
# Default umask is not explicitly set and has value 0022
diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh
index eb5220278..e19cec598 100644
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_and_default_state.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# variables = var_sudo_umask=0027
# Default umask is not explicitly set and has value 0022
diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh
index 0ca7c09b3..05dcae714 100644
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# variables = var_sudo_umask=0027
echo "Defaults use_pty,umask=0022,noexec" >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
index 39ec72b52..a2849d3b4 100644
--- a/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudo_add_umask/tests/0027_var_multiple_values.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# variables = var_sudo_umask=0027
echo "Defaults use_pty,umask=0027,noexec" >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh
index 0e5aed5d0..c75edccd5 100644
--- a/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudo_dedicated_group/tests/root_default.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# remediation = none
# Make sure sudo is owned by root group
diff --git a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
index 78ee25868..6954f3e00 100644
--- a/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_require_reauthentication/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15,ubuntu2204
title: 'Require Re-Authentication When Using the sudo Command'
diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
index b90f566ab..d4dec8c3c 100644
--- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
title: 'The operating system must restrict privilege elevation to authorized personnel'
-prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
description: |-
The sudo command allows a user to execute programs with elevated
diff --git a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
index 4d57b106b..b39e53aeb 100644
--- a/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudoers_default_includedir/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Ensure sudo only includes the default configuration directory'
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
index bd9d93947..f39b84748 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
title: 'Ensure invoking users password for privilege escalation when using sudo'
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,sle12,sle15
description: |-
The sudoers security policy requires that users authenticate themselves before they can use sudo.
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
index a258d108a..904d4adb0 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_d_duplicate.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
index cdd8174d2..ab7afd6a4 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
index 093f9dd80..0cd6dbf48 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
index 3372c20b7..6c9e6fc44 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_conflicting_values.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
index ef0abd449..9606a913c 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.fail.sh
@@ -1,4 +1,4 @@
-# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = SUSE Linux Enterprise 15,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = sudo
echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
index 6247b5230..bd82dc53d 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_duplicates.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
index 071e3a0ab..b6779c1c5 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_passwd_multiple_files.pass.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
echo 'Defaults !targetpw' >> /etc/sudoers
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
index 273fb4529..b15cdc1da 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_rootpw.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
index d477b5972..569a80382 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_runaspw.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
index a4c5bde62..42fb94bf8 100644
--- a/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
+++ b/linux_os/guide/system/software/sudo/sudoers_validate_passwd/tests/sudoers_validate_targetpw.fail.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,SUSE Linux Enterprise 15
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,SUSE Linux Enterprise 15
# packages = sudo
touch /etc/sudoers.d/empty
diff --git a/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml
index e9863fa86..0394ac068 100644
--- a/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_geolite2-city_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall geolite2-city Package'
diff --git a/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml
index 1210a1e8e..fef51b214 100644
--- a/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_geolite2-country_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall geolite2-country Package'
diff --git a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
index 4a5481118..ad0ac07c1 100644
--- a/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_gssproxy_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall gssproxy Package'
diff --git a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
index 8986513f2..ed60597a5 100644
--- a/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_iprutils_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall iprutils Package'
diff --git a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
index e18be68fe..40f2125d5 100644
--- a/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_krb5-workstation_removed/rule.yml
@@ -2,7 +2,7 @@ documentation_complete: true
# new major OS versions will most likely not be applicable because of the
# kerberos version higher than 1.17-18
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall krb5-workstation Package'
diff --git a/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml
index 2c29f67f5..636247dc1 100644
--- a/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_openscap-scanner_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install openscap-scanner Package'
diff --git a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml
index 68043ea54..3630b3518 100644
--- a/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_rear_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Install rear Package'
diff --git a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
index 41a484f26..ff9887bac 100644
--- a/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_rng-tools_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install rng-tools Package'
diff --git a/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml
index 02ba74f0c..4b9c4adb7 100644
--- a/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_scap-security-guide_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install scap-security-guide Package'
diff --git a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
index f8b801181..93f932777 100644
--- a/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_subscription-manager_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: rhel7,rhel8,rhel9,rhv4
+prodtype: rhel7,rhel8,rhel9,almalinux9,rhv4
title: 'Install subscription-manager Package'
@@ -14,7 +14,7 @@ rationale: |-
or an on-premise server such as Subscription Asset Manager) and works with
content management tools such as {{{ package_manager }}}.
- {{% if product in ["rhel9"] %}}
+ {{% if product in ["rhel9", "almalinux9"] %}}
The package provides, among other things, {{{ package_manager }}} plugins
to interact with repositories and subscriptions
from the Red Hat entitlement platform - the subscription-manager and
diff --git a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
index 48443defd..ef7abd74e 100644
--- a/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
+++ b/linux_os/guide/system/software/system-tools/package_tuned_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall tuned Package'
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
index 9b67b0e22..6891a1f28 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
index 34127fd17..e30b09600 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_rhv,multi_platform_sle
{{% if 'sle' in product %}}
{{{ bash_replace_or_append('/etc/zypp/zypp.conf', '^solver.upgradeRemoveDroppedPackages', 'true', '%s=%s') }}}
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
index ee66181ab..ce062dc75 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: 'Ensure {{{ pkg_manager }}} Removes Previous Package Versions'
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
index 4cba82b3c..1d8495018 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_commented.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
file={{{ pkg_manager_config_file }}}
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
index 3b3bd71f7..d54501d5c 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_correct.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
file={{{ pkg_manager_config_file }}}
diff --git a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
index 8f2e4fac8..20d00061a 100644
--- a/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
+++ b/linux_os/guide/system/software/updating/clean_components_post_updating/tests/yum_wrong_value.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
file={{{ pkg_manager_config_file }}}
diff --git a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml
index bbcd9e56d..e7b36b343 100644
--- a/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml
+++ b/linux_os/guide/system/software/updating/dnf-automatic_apply_updates/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure dnf-automatic to Install Available Updates Automatically'
diff --git a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml
index f0f646748..2c19890a7 100644
--- a/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml
+++ b/linux_os/guide/system/software/updating/dnf-automatic_security_updates_only/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Configure dnf-automatic to Install Only Security Updates'
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
new file mode 100644
index 000000000..b9b1e3ea0
--- /dev/null
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/ansible/shared.yml
@@ -0,0 +1,39 @@
+# platform=multi_platform_almalinux
+# reboot = false
+# strategy = restrict
+# complexity = medium
+# disruption = medium
+- name: "Read permission of GPG key directory"
+ stat:
+ path: /etc/pki/rpm-gpg/
+ register: gpg_key_directory_permission
+ check_mode: no
+
+# It should fail if it doesn't find any fingerprints in file - maybe file was not parsed well.
+
+- name: Read signatures in GPG key
+ # According to /usr/share/doc/gnupg2/DETAILS fingerprints are in "fpr" record in field 10
+ command: gpg --show-keys --with-fingerprint --with-colons "/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
+ args:
+ warn: False
+ changed_when: False
+ register: gpg_fingerprints
+ check_mode: no
+
+- name: Set Fact - Installed GPG Fingerprints
+ set_fact:
+ gpg_installed_fingerprints: "{{ gpg_fingerprints.stdout | regex_findall('^pub.*\n(?:^fpr[:]*)([0-9A-Fa-f]*)', '\\1') | list }}"
+
+- name: Set Fact - Valid fingerprints
+ set_fact:
+ gpg_valid_fingerprints: ("{{{ release_key_fingerprint }}}" "{{{ auxiliary_key_fingerprint }}}")
+
+- name: Import AlmaLinux GPG key
+ rpm_key:
+ state: present
+ key: /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
+ when:
+ - gpg_key_directory_permission.stat.mode <= '0755'
+ - (gpg_installed_fingerprints | difference(gpg_valid_fingerprints)) | length == 0
+ - gpg_installed_fingerprints | length > 0
+ - ansible_distribution == "AlmaLinux"
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
new file mode 100644
index 000000000..89e6d6aeb
--- /dev/null
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/bash/shared.sh
@@ -0,0 +1,26 @@
+# platform = multi_platform_almalinux
+readonly ALMALINUX_FINGERPRINT="BF18AC2876178908D6E71267D36CB86CB86B3716"
+
+# Location of the key we would like to import (once it's integrity verified)
+readonly ALMALINUX_RELEASE_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9"
+
+RPM_GPG_DIR_PERMS=$(stat -c %a "$(dirname "$ALMALINUX_RELEASE_KEY")")
+
+# Verify /etc/pki/rpm-gpg directory permissions are safe
+if [ "${RPM_GPG_DIR_PERMS}" -le "755" ]
+then
+ # If they are safe, try to obtain fingerprints from the key file
+ # (to ensure there won't be e.g. CRC error)
+ readarray -t GPG_OUT < <(gpg --with-fingerprint --with-colons "$ALMALINUX_RELEASE_KEY" | grep "^fpr" | cut -d ":" -f 10)
+ GPG_RESULT=$?
+ # No CRC error, safe to proceed
+ if [ "${GPG_RESULT}" -eq "0" ]
+ then
+ # Filter just hexadecimal fingerprints from gpg's output from
+ # processing of a key file
+ echo "${GPG_OUT[*]}" | grep -vE "${ALMALINUX_FINGERPRINT}" || {
+ # If $ ALMALINUX_RELEASE_KEY file doesn't contain any keys with unknown fingerprint, import it
+ rpm --import "${ALMALINUX_RELEASE_KEY}"
+ }
+ fi
+fi
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
new file mode 100644
index 000000000..f02f04002
--- /dev/null
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/oval/shared.xml
@@ -0,0 +1,42 @@
+<def-group>
+ <definition class="compliance" id="ensure_almalinux_gpgkey_installed" version="1">
+ <metadata>
+ <title>AlmaLinux gpg-pubkey Package Installed</title>
+ <affected family="unix">
+ <platform>multi_platform_almalinux</platform>
+ </affected>
+ <description>The AlmaLinux key packages are required to be installed.</description>
+ </metadata>
+ <criteria comment="Vendor GPG keys" operator="OR">
+ <criteria comment="AlmaLinux Vendor GPG Keys" operator="AND">
+ <criteria comment="AlmaLinux Linux Release Installed" operator="OR">
+ <extend_definition comment="AlmaLinux 9 installed" definition_ref="installed_OS_is_almalinux9" />
+ </criteria>
+ <criteria comment="AlmaLinux GPG Key Installed" operator="OR">
+ <criterion comment="package gpg-pubkey-{{{ pkg_version }}}-{{{ pkg_release }}} is installed"
+ test_ref="test_package_gpgkey-{{{ pkg_version }}}-{{{ pkg_release }}}_installed" />
+
+ </criteria>
+ </criteria>
+ </criteria>
+ </definition>
+
+ <!-- First define global "object_package_gpg-pubkey" to be shared (reused) across multiple tests -->
+ <linux:rpminfo_object id="object_package_gpg-pubkey" version="1">
+ <linux:name>gpg-pubkey</linux:name>
+ </linux:rpminfo_object>
+
+ <!-- Test for ALMALINUX9 key -->
+ <linux:rpminfo_test check="only one" check_existence="at_least_one_exists"
+ id="test_package_gpgkey-{{{ pkg_version }}}-{{{ pkg_release }}}_installed" version="1"
+ comment="AlmaLinux 9 key package is installed">
+ <linux:object object_ref="object_package_gpg-pubkey" />
+ <linux:state state_ref="state_package_gpg-pubkey-{{{ pkg_version }}}-{{{ pkg_release }}}" />
+ </linux:rpminfo_test>
+
+ <linux:rpminfo_state id="state_package_gpg-pubkey-{{{ pkg_version }}}-{{{ pkg_release }}}" version="1">
+ <linux:release>{{{ pkg_release }}}</linux:release>
+ <linux:version>{{{ pkg_version }}}</linux:version>
+ </linux:rpminfo_state>
+
+</def-group>
diff --git a/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
new file mode 100644
index 000000000..da73ba4c5
--- /dev/null
+++ b/linux_os/guide/system/software/updating/ensure_almalinux_gpgkey_installed/rule.yml
@@ -0,0 +1,46 @@
+documentation_complete: true
+
+prodtype: almalinux9
+
+title: 'Ensure AlmaLinux GPG Key Installed'
+
+description: |-
+ To ensure the system can cryptographically verify base software
+ packages come from AlmaLinux, the AlmaLinux GPG key must properly be installed.
+ To install the AlmaLinux GPG key, run:
+ <pre>$ sudo rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-9</pre>
+ If the system is not connected to the Internet,
+ then install the AlmaLinux GPG key from trusted media such as
+ the AlmaLinux installation CD-ROM or DVD. Assuming the disc is mounted
+ in <tt>/media/cdrom</tt>, use the following command as the root user to import
+ it into the keyring:
+ <pre>$ sudo rpm --import /media/cdrom/RPM-GPG-KEY</pre>
+
+rationale: |-
+ Changes to software components can have significant effects on the
+ overall security of the operating system. This requirement ensures
+ the software has not been tampered with and that it has been provided
+ by a trusted vendor. The AlmaLinux GPG key is necessary to
+ cryptographically verify packages are from AlmaLinux.
+
+severity: high
+
+references:
+ cis: 1.2.2
+ disa: CCI-001749
+ nist: CM-5(3),SI-7,SC-12,SC-12(3),CM-6(a),CM-11(a),CM-11(b)
+ nist-csf: PR.DS-6,PR.DS-8,PR.IP-1
+ pcidss: Req-6.2
+ isa-62443-2013: 'SR 3.1,SR 3.3,SR 3.4,SR 3.8,SR 7.6'
+ isa-62443-2009: 4.3.4.3.2,4.3.4.3.3,4.3.4.4.4
+ cobit5: APO01.06,BAI03.05,BAI06.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS06.02
+ iso27001-2013: A.11.2.4,A.12.1.2,A.12.2.1,A.12.5.1,A.12.6.2,A.14.1.2,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4
+ cis-csc: 11,2,3,9
+
+ocil_clause: 'the AlmaLinux GPG Key is not installed'
+
+ocil: |-
+ To ensure that the GPG key is installed, run:
+ <pre>$ rpm -q --queryformat "%{SUMMARY}\n" gpg-pubkey</pre>
+ The command should return the string below:
+ <pre>gpg(AlmaLinux &lt;packager@almalinux.org&gt;</pre>
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
index 2bf91c8ca..b5f520737 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/bash/shared.sh
@@ -1,3 +1,3 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
{{{ bash_replace_or_append( pkg_manager_config_file , '^gpgcheck', '1') }}}
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
index 91cd19e26..17852be3e 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,uos20
title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration'
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
index d02e8df1a..86fbb3be5 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure gpgcheck Enabled for Local Packages'
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
index 9fd7f4b5d..3b81d7866 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
# reboot = false
# strategy = enable
# complexity = low
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
index 07e02fa47..ee1d023d9 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv,multi_platform_sle
{{% if product in ["sle12", "sle15"] %}}
sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/zypp/repos.d/*
{{% else %}}
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
index 64287817b..b387ae5ad 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15
+prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15
title: 'Ensure gpgcheck Enabled for All {{{ pkg_manager }}} Package Repositories'
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
index 37e47e4d4..a852e856f 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_disabled.fail.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
sed -i 's/gpgcheck\s*=.*/gpgcheck=0/g' /etc/yum.repos.d/*
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
index 04ff6e577..b97d75469 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/tests/gpgcheck_enabled.pass.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol,multi_platform_fedora,multi_platform_rhv
sed -i 's/gpgcheck\s*=.*/gpgcheck=1/g' /etc/yum.repos.d/*
diff --git a/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml b/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml
index bdcc5e9be..fa9751a44 100644
--- a/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml
+++ b/linux_os/guide/system/software/updating/package_dnf-automatic_installed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Install dnf-automatic Package'
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh
index fd844d2a1..2932351f4 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_sle
+# platform = Red Hat Virtualization 4,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle
# reboot = true
# strategy = patch
# complexity = low
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
index 99aa0518a..332a361ec 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20
+prodtype: alinux2,alinux3,anolis23,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,uos20
title: 'Ensure Software Patches Installed'
@@ -17,6 +17,11 @@ description: |-
<pre>$ sudo yum update</pre>
If the system is not configured to use one of these sources, updates (in the form of RPM packages)
can be manually downloaded from the ULN and installed using <tt>rpm</tt>.
+{{% elif product in ["almalinux9"] %}}
+ Run the following command to install updates:
+ <pre>$ sudo yum update</pre>
+ If the system is not configured to use repos, updates (in the form of RPM packages)
+ can be manually downloaded from the repos and installed using <tt>rpm</tt>.
{{% elif product in ["sle12", "sle15"] %}}
If the system is configured for online updates, invoking the following command will list available
security updates:
diff --git a/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml b/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml
index 5ae61e5d6..375ac3876 100644
--- a/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml
+++ b/linux_os/guide/system/software/updating/timer_dnf-automatic_enabled/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,ol9,rhel8,rhel9,sle12,sle15
+prodtype: fedora,ol8,ol9,rhel8,rhel9,almalinux9,sle12,sle15
title: 'Enable dnf-automatic Timer'
diff --git a/products/almalinux9/CMakeLists.txt b/products/almalinux9/CMakeLists.txt
new file mode 100644
index 000000000..b9614b81a
--- /dev/null
+++ b/products/almalinux9/CMakeLists.txt
@@ -0,0 +1,20 @@
+# Sometimes our users will try to do: "cd almalinux9; cmake ." That needs to error in a nice way.
+if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")
+ message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!")
+endif()
+
+set(PRODUCT "almalinux9")
+
+ssg_build_product(${PRODUCT})
+
+ssg_build_html_cce_table(${PRODUCT})
+
+ssg_build_html_srgmap_tables(${PRODUCT})
+
+if(SSG_SRG_XLSX_EXPORT)
+ ssg_build_xlsx_srg_export(${PRODUCT} "srg_gpos")
+endif()
+
+# ssg_build_html_stig_tables(${PRODUCT} "stig")
+
+#ssg_build_html_stig_tables(${PRODUCT} "ospp")
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg
new file mode 100644
index 000000000..9d1d5433d
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_enhanced-ks.cfg
@@ -0,0 +1,154 @@
+# SCAP Security Guide ANSSI BP-028 (enhanced) profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-07-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=3192 --grow
+# Ensure /usr Located On Separate Partition
+logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=5000 --fsoptions="nodev"
+# Ensure /opt Located On Separate Partition
+logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid"
+# Ensure /srv Located On Separate Partition
+logvol /srv --fstype=xfs --name=srv --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid"
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_high-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_high-ks.cfg
new file mode 100644
index 000000000..fa7b596f9
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_high-ks.cfg
@@ -0,0 +1,158 @@
+# SCAP Security Guide ANSSI BP-028 (high) profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-07-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=3192 --grow
+# Ensure /usr Located On Separate Partition
+logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=5000 --fsoptions="nodev"
+# Ensure /opt Located On Separate Partition
+logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid"
+# Ensure /srv Located On Separate Partition
+logvol /srv --fstype=xfs --name=srv --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid"
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_anssi_bp28_high
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_intermediary-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_intermediary-ks.cfg
new file mode 100644
index 000000000..3feec9cd4
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_intermediary-ks.cfg
@@ -0,0 +1,154 @@
+# SCAP Security Guide ANSSI BP-028 (intermediary) profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-07-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=3192 --grow
+# Ensure /usr Located On Separate Partition
+logvol /usr --fstype=xfs --name=usr --vgname=VolGroup --size=5000 --fsoptions="nodev"
+# Ensure /opt Located On Separate Partition
+logvol /opt --fstype=xfs --name=opt --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid"
+# Ensure /srv Located On Separate Partition
+logvol /srv --fstype=xfs --name=srv --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid"
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_minimal-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_minimal-ks.cfg
new file mode 100644
index 000000000..a32b40fe8
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-anssi_bp28_minimal-ks.cfg
@@ -0,0 +1,118 @@
+# SCAP Security Guide ANSSI BP-028 (minimal) profile kickstart for AlmaLinux 9
+# Version: 0.0.1
+# Date: 2021-07-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_anssi_bp28_minimal
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg
new file mode 100644
index 000000000..c0600a960
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_advanced-ks.cfg
@@ -0,0 +1,127 @@
+# SCAP Security Guide CCN profile (Advanced) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2023-07-18
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/performing_an_advanced_rhel_9_installation/starting-kickstart-installations_installing-rhel-as-an-experienced-user
+
+# Specify installation method to use for installation. To use a different one comment out
+# the 'url' one below, update the selected choice with proper options & un-comment it.
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in.
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+
+
+# Set language to use during installation and default language on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the
+# installer environment (optional):
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see
+# how to create encrypted password form for different plaintext password.
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile may restrict root login.
+# Add a user that can login and escalate privileges.
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing.
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password.
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger.
+# Modify size of partitions appropriately to reflect actual machine's hardware.
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# Harden installation with CCN profile (Advanced)
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_ccn_advanced
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg
new file mode 100644
index 000000000..6030e1529
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_basic-ks.cfg
@@ -0,0 +1,127 @@
+# SCAP Security Guide CCN profile (Basic) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2023-07-18
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/performing_an_advanced_rhel_9_installation/starting-kickstart-installations_installing-rhel-as-an-experienced-user
+
+# Specify installation method to use for installation. To use a different one comment out
+# the 'url' one below, update the selected choice with proper options & un-comment it.
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in.
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+
+
+# Set language to use during installation and default language on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the
+# installer environment (optional):
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see
+# how to create encrypted password form for different plaintext password.
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile may restrict root login.
+# Add a user that can login and escalate privileges.
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing.
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password.
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger.
+# Modify size of partitions appropriately to reflect actual machine's hardware.
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# Harden installation with CCN profile (Basic)
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_ccn_basic
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg
new file mode 100644
index 000000000..ab7e6a6d8
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ccn_intermediate-ks.cfg
@@ -0,0 +1,127 @@
+# SCAP Security Guide CCN profile (Intermediate) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2023-07-18
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/performing_an_advanced_rhel_9_installation/starting-kickstart-installations_installing-rhel-as-an-experienced-user
+
+# Specify installation method to use for installation. To use a different one comment out
+# the 'url' one below, update the selected choice with proper options & un-comment it.
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in.
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+
+
+# Set language to use during installation and default language on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the
+# installer environment (optional):
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see
+# how to create encrypted password form for different plaintext password.
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile may restrict root login.
+# Add a user that can login and escalate privileges.
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing.
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password.
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger.
+# Modify size of partitions appropriately to reflect actual machine's hardware.
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# Harden installation with CCN profile (Intermediate)
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_ccn_intermediate
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg
new file mode 100644
index 000000000..36b23f1b4
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis-ks.cfg
@@ -0,0 +1,131 @@
+# SCAP Security Guide CIS profile (Level 2 - Server) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# Harden installation with CIS profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_cis
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg
new file mode 100644
index 000000000..9fa71fa28
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_server_l1-ks.cfg
@@ -0,0 +1,131 @@
+# SCAP Security Guide CIS profile (Level 1 - Server) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# Harden installation with CIS profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_cis_server_l1
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg
new file mode 100644
index 000000000..31f8990bc
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l1-ks.cfg
@@ -0,0 +1,131 @@
+# SCAP Security Guide CIS profile (Level 1 - Workstation) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# Harden installation with CIS profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_cis_workstation_l1
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg
new file mode 100644
index 000000000..b759130d7
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cis_workstation_l2-ks.cfg
@@ -0,0 +1,131 @@
+# SCAP Security Guide CIS profile (Level 2 - Workstation) kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-08-12
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Ensure /dev/shm is a separate partition
+part /dev/shm --fstype=tmpfs --fsoptions="nodev,nosuid,noexec" --size=512
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=9728 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+
+# Harden installation with CIS profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_cis_workstation_l2
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-cui-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-cui-ks.cfg
new file mode 100644
index 000000000..aae4b1f6a
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-cui-ks.cfg
@@ -0,0 +1,149 @@
+# SCAP Security Guide CUI profile kickstart for AlmaLinux 9
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none"
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_cui
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg
new file mode 100644
index 000000000..9388ba6a3
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-e8-ks.cfg
@@ -0,0 +1,107 @@
+# SCAP Security Guide Essential Eight profile kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-07-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# Harden installation with Essential Eight profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-com_redhat_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_e8
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg
new file mode 100644
index 000000000..d72dd656f
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-hipaa-ks.cfg
@@ -0,0 +1,107 @@
+# SCAP Security Guide HIPAA profile kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-07-13
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g. grub2-mkpasswd-pbkdf2 to see how to create
+# encrypted password form for different plaintext password
+bootloader --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# Harden installation with HIPAA profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-com_redhat_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_hipaa
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg
new file mode 100644
index 000000000..80056963b
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ism_o-ks.cfg
@@ -0,0 +1,106 @@
+# SCAP Security Guide ISM Official profile kickstart for AlmaLinux 9 Server
+# Version: 0.0.1
+# Date: 2021-08-16
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#performing_an_automated_installation_using_kickstart
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+#
+#
+network --onboot yes --device eth0 --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g. https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw to see how to create
+# encrypted password form for different plaintext password
+rootpw --iscrypted $6$/0RYeeRdK70ynvYz$jH2ZN/80HM6DjndHMxfUF9KIibwipitvizzXDH1zW.fTjyD3RD3tkNdNUaND18B/XqfAUW3vy1uebkBybCuIm0
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+bootloader
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+autopart
+
+# Harden installation with Essential Eight profile
+# For more details and configuration options see
+# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_installation/index#addon-org_fedora_oscap_kickstart-commands-for-addons-supplied-with-the-rhel-installation-program
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_ism_o
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-ospp-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-ospp-ks.cfg
new file mode 100644
index 000000000..14e68d24d
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-ospp-ks.cfg
@@ -0,0 +1,149 @@
+# SCAP Security Guide OSPP profile kickstart for AlmaLinux 9
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none"
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_ospp
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-pci-dss-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-pci-dss-ks.cfg
new file mode 100644
index 000000000..f0593586f
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-pci-dss-ks.cfg
@@ -0,0 +1,144 @@
+# SCAP Security Guide PCI-DSS profile kickstart for AlmaLinux 9
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp --noipv6
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=11264 --grow
+# CCE-26557-9: Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# CCE-26435-8: Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,noexec,nosuid"
+# CCE-26639-5: Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# CCE-26215-4: Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# CCE-26436-6: Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=512 --fsoptions="nodev"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_pci-dss
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-stig-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-stig-ks.cfg
new file mode 100644
index 000000000..052c33aa1
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-stig-ks.cfg
@@ -0,0 +1,150 @@
+# SCAP Security Guide STIG profile kickstart for AlmaLinux 9
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=10240 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_stig
+%end
+
+# Packages selection (%packages section is required)
+%packages
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/kickstart/ssg-almalinux9-stig_gui-ks.cfg b/products/almalinux9/kickstart/ssg-almalinux9-stig_gui-ks.cfg
new file mode 100644
index 000000000..0b612b999
--- /dev/null
+++ b/products/almalinux9/kickstart/ssg-almalinux9-stig_gui-ks.cfg
@@ -0,0 +1,154 @@
+# SCAP Security Guide STIG with GUI profile kickstart for AlmaLinux 9
+#
+# Based on:
+# https://pykickstart.readthedocs.io/en/latest/
+# http://usgcb.nist.gov/usgcb/content/configuration/workstation-ks.cfg
+
+# Specify installation method to use for installation
+# To use a different one comment out the 'url' one below, update
+# the selected choice with proper options & un-comment it
+#
+# Install from an installation tree on a remote server via FTP or HTTP:
+# --url the URL to install from
+#
+# Example:
+#
+# url --url=http://192.168.122.1/image
+#
+# Modify concrete URL in the above example appropriately to reflect the actual
+# environment machine is to be installed in
+#
+# Other possible / supported installation methods:
+# * install from the first CD-ROM/DVD drive on the system:
+#
+# cdrom
+#
+# * install from a directory of ISO images on a local drive:
+#
+# harddrive --partition=hdb2 --dir=/tmp/install-tree
+#
+# * install from provided NFS server:
+#
+# nfs --server=<hostname> --dir=<directory> [--opts=<nfs options>]
+#
+# Set language to use during installation and the default language to use on the installed system (required)
+lang en_US.UTF-8
+
+# Set system keyboard type / layout (required)
+keyboard --vckeymap us
+
+# Configure network information for target system and activate network devices in the installer environment (optional)
+# --onboot enable device at a boot time
+# --device device to be activated and / or configured with the network command
+# --bootproto method to obtain networking configuration for device (default dhcp)
+# --noipv6 disable IPv6 on this device
+network --onboot yes --bootproto dhcp
+
+# Set the system's root password (required)
+# Plaintext password is: server
+# Refer to e.g.
+# https://pykickstart.readthedocs.io/en/latest/commands.html#rootpw
+# to see how to create encrypted password form for different plaintext password
+rootpw --iscrypted $6$0WWGZ1e6icT$1KiHZK.Nzp3HQerfiy8Ic3pOeCWeIzA.zkQ7mkvYT3bNC5UeGK2ceE5b6TkSg4D/kiSudkT04QlSKknsrNE220
+
+# The selected profile will restrict root login
+# Add a user that can login and escalate privileges
+# Plaintext password is: admin123
+user --name=admin --groups=wheel --password=$6$Ga6ZnIlytrWpuCzO$q0LqT1USHpahzUafQM9jyHCY9BiE5/ahXLNWUMiVQnFGblu0WWGZ1e6icTaCGO4GNgZNtspp1Let/qpM7FMVB0 --iscrypted
+
+# Configure firewall settings for the system (optional)
+# --enabled reject incoming connections that are not in response to outbound requests
+# --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+
+# State of SELinux on the installed system (optional)
+# Defaults to enforcing
+selinux --enforcing
+
+# Set the system time zone (required)
+timezone --utc America/New_York
+
+# Specify how the bootloader should be installed (required)
+# Plaintext password is: password
+# Refer to e.g.
+# grub2-mkpasswd-pbkdf2
+# to see how to create encrypted password form for different plaintext password
+bootloader --append="audit=1 audit_backlog_limit=8192 slub_debug=P page_poison=1 vsyscall=none" --password=grub.pbkdf2.sha512.10000.45912D32B964BA58B91EAF9847F3CCE6F4C962638922543AFFAEE4D29951757F4336C181E6FC9030E07B7D9874DAD696A1B18978D995B1D7F27AF9C38159FDF3.99F65F3896012A0A3D571A99D6E6C695F3C51BE5343A01C1B6907E1C3E1373CB7F250C2BC66C44BB876961E9071F40205006A05189E51C2C14770C70C723F3FD --iscrypted
+
+# Initialize (format) all disks (optional)
+zerombr
+
+# The following partition layout scheme assumes disk of size 20GB or larger
+# Modify size of partitions appropriately to reflect actual machine's hardware
+#
+# Remove Linux partitions from the system prior to creating new ones (optional)
+# --linux erase all Linux partitions
+# --initlabel initialize the disk label to the default based on the underlying architecture
+clearpart --linux --initlabel
+
+# Create primary system partitions (required for installs)
+part /boot --fstype=xfs --size=512 --fsoptions="nodev,nosuid,noexec"
+part pv.01 --grow --size=1
+
+# Create a Logical Volume Management (LVM) group (optional)
+volgroup VolGroup pv.01
+
+# Create particular logical volumes (optional)
+logvol / --fstype=xfs --name=root --vgname=VolGroup --size=10240 --grow
+# Ensure /home Located On Separate Partition
+logvol /home --fstype=xfs --name=home --vgname=VolGroup --size=1024 --fsoptions="nodev"
+# Ensure /tmp Located On Separate Partition
+logvol /tmp --fstype=xfs --name=tmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/tmp Located On Separate Partition
+logvol /var/tmp --fstype=xfs --name=vartmp --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var Located On Separate Partition
+logvol /var --fstype=xfs --name=var --vgname=VolGroup --size=3072 --fsoptions="nodev"
+# Ensure /var/log Located On Separate Partition
+logvol /var/log --fstype=xfs --name=varlog --vgname=VolGroup --size=1024 --fsoptions="nodev,nosuid,noexec"
+# Ensure /var/log/audit Located On Separate Partition
+logvol /var/log/audit --fstype=xfs --name=varlogaudit --vgname=VolGroup --size=10240 --fsoptions="nodev,nosuid,noexec"
+logvol swap --name=swap --vgname=VolGroup --size=2016
+
+# The OpenSCAP installer add-on is used to apply SCAP (Security Content Automation Protocol)
+# content - security policies - on the installed system.This add-on has been enabled by default
+# since Red Hat Enterprise Linux 7.2. When enabled, the packages necessary to provide this
+# functionality will automatically be installed. However, by default, no policies are enforced,
+# meaning that no checks are performed during or after installation unless specifically configured.
+#
+# Important
+# Applying a security policy is not necessary on all systems. This screen should only be used
+# when a specific policy is mandated by your organization rules or government regulations.
+# Unlike most other commands, this add-on does not accept regular options, but uses key-value
+# pairs in the body of the %addon definition instead. These pairs are whitespace-agnostic.
+# Values can be optionally enclosed in single quotes (') or double quotes (").
+#
+# The following keys are recognized by the add-on:
+# content-type - Type of the security content. Possible values are datastream, archive, rpm, and scap-security-guide.
+# - If the content-type is scap-security-guide, the add-on will use content provided by the
+# scap-security-guide package, which is present on the boot media. This means that all other keys except profile will have no effect.
+# content-url - Location of the security content. The content must be accessible using HTTP, HTTPS, or FTP; local storage is currently not supported. A network connection must be available to reach content definitions in a remote location.
+# datastream-id - ID of the data stream referenced in the content-url value. Used only if content-type is datastream.
+# xccdf-id - ID of the benchmark you want to use.
+# xccdf-path - Path to the XCCDF file which should be used; given as a relative path in the archive.
+# profile - ID of the profile to be applied. Use default to apply the default profile.
+# fingerprint - A MD5, SHA1 or SHA2 checksum of the content referenced by content-url.
+# tailoring-path - Path to a tailoring file which should be used, given as a relative path in the archive.
+#
+# The following is an example %addon com_redhat_oscap section which uses content from the
+# scap-security-guide on the installation media:
+%addon com_redhat_oscap
+ content-type = scap-security-guide
+ profile = xccdf_org.ssgproject.content_profile_stig_gui
+%end
+
+# Packages selection (%packages section is required)
+%packages
+
+@Server with GUI
+
+%end
+
+# Reboot after the installation is complete (optional)
+# --eject attempt to eject CD or DVD media before rebooting
+reboot --eject
diff --git a/products/almalinux9/overlays/srg_support.xml b/products/almalinux9/overlays/srg_support.xml
new file mode 100644
index 000000000..bdfb1cbd8
--- /dev/null
+++ b/products/almalinux9/overlays/srg_support.xml
@@ -0,0 +1,173 @@
+<Group id="srg_support" hidden="true">
+<title>Documentation to Support DISA OS SRG Mapping</title>
+<description>These groups exist to document how the AlmaLinux
+product meets (or does not meet) requirements listed in the DISA OS SRG, for
+those cases where Groups or Rules elsewhere in scap-security-guide do
+not clearly relate.
+</description>
+
+
+<!-- The CCI/SRG items referenced here are:
+ - satisfied (through design and implementation)
+ - selected in DoD baseline (per CNSS 1253) -->
+<Rule id="met_inherently_generic">
+<title>Product Meets this Requirement</title>
+<rationale>
+AlmaLinux meets this requirement through design and implementation.
+</rationale>
+<ocil>AlmaLinux 9 supports this requirement and cannot be configured to be out of
+compliance. This is a permanent not a finding.
+</ocil>
+<description>
+This requirement is a permanent not a finding. No fix is required.
+</description>
+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
+ it should not have CCE association -->
+<ref disa="15,42,56,206,1084,66,85,86,185,223,171,172,1694,770,804,162,163,164,345,346,1096,1111,1291,386,156,186,1083,1082,1090,804,1127,1128,1129,1248,1265,1314,1362,1368,1310,1311,1328,1399,1400,1404,1405,1427,1499,1632,1693,1665,1674" />
+</Rule>
+
+
+<!-- The CCI/SRG items referenced here relate to auditing, and are:
+ - satisfied (through design and implementation)
+ - selected in DoD baseline (per CNSS 1253) -->
+<Rule id="met_inherently_auditing">
+<title>Product Meets this Requirement</title>
+<rationale>
+The AlmaLinux audit system meets this requirement through design and implementation.
+</rationale>
+<ocil>The AlmaLinux 9 auditing system supports this requirement and cannot be configured to be out of
+compliance. Every audit record in AlmaLinux includes a timestamp, the operation attempted,
+success or failure of the operation, the subject involved (executable/process),
+the object involved (file/path), and security labels for the subject and object.
+It also includes the ability to label events with custom key labels. The auditing system
+centralizes the recording of audit events for the entire system and includes
+reduction (<tt>ausearch</tt>), reporting (<tt>aureport</tt>), and real-time
+response (<tt>audispd</tt>) facilities.
+This is a permanent not a finding.
+</ocil>
+<description>
+This requirement is a permanent not a finding. No fix is required.
+</description>
+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
+ it should not have CCE association -->
+<ref disa="130,157,131,132,133,134,135,159,174" />
+</Rule>
+
+
+<!-- The CCI/SRG item referenced here are:
+ - satisfied (through design and implementation)
+ - not selected in a DoD baseline -->
+<Rule id="met_inherently_nonselected">
+<title>Product Meets this Requirement</title>
+<rationale>
+AlmaLinux meets this requirement through design and implementation.
+</rationale>
+<ocil>AlmaLinux 9 supports this requirement and cannot be configured to be out of
+compliance. This is a permanent not a finding.
+</ocil>
+<description>
+This requirement is a permanent not a finding. No fix is required.
+</description>
+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
+ it should not have CCE association -->
+<ref disa="34,35,99,154,226,802,872,1086,1087,1089,1091,1424,1426,1428,1209,1214,1237,1269,1338,1425,1670" />
+</Rule>
+
+
+<!-- The CCI/SRG item listed here are:
+ - satisfied (by Rules in the guidance, which include the reference)
+ - not selected in DoD baseline -->
+<!-- disa="26,32,771,772,831,884,888,1095,1115,1117,1250,1348,1353,1464,1496" -->
+
+
+<!-- The CCI/SRG item referenced here are:
+ - not satisfied
+ - not selected in a DoD baseline
+ - considered out of scope -->
+<Rule id="unmet_nonfinding_nonselected_scope">
+<title>Guidance Does Not Meet this Requirement Due to Impracticality or Scope</title>
+<rationale>
+The guidance does not meet this requirement.
+The requirement is impractical or out of scope.
+</rationale>
+<ocil>
+AlmaLinux 9 cannot support this requirement without assistance from an external
+application, policy, or service. This requirement is NA.
+</ocil>
+<description>
+This requirement is NA. No fix is required.
+</description>
+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
+ it should not have CCE association -->
+<ref disa="21,25,28,29,30,165,221,354,553,779,780,781,1009,1094,1123,1124,1125,1132,1135,1140,1141,1142,1143,1145,1147,1148,1166,1339,1340,1341,1350,1356,1373,1374,1383,1391,1392,1395,1662" />
+</Rule>
+
+
+<!-- The CCI/SRG items referenced here are:
+ - not satisfied
+ - not selected in a DoD baseline
+ - considered permanent findings -->
+<Rule id="unmet_finding_nonselected">
+<title>Implementation of the Requirement is Not Supported</title>
+<rationale>
+AlmaLinux 9 does not support this requirement.
+</rationale>
+<ocil>
+This is a permanent finding.
+</ocil>
+<description>
+This requirement is a permanent finding and cannot be fixed. An appropriate
+mitigation for the system must be implemented but this finding cannot be
+considered fixed.
+</description>
+<ref disa="20,31,52,144,1158,1294,1295,1500" />
+<!-- Note: CCI 52 supported for text login, but not graphical -->
+</Rule>
+
+
+<!-- The CCI/SRG items referenced here are:
+ - not satisfied
+ - selected in a DoD baseline
+ - considered NA -->
+<Rule id="unmet_nonfinding_scope">
+<title>Guidance Does Not Meet this Requirement Due to Impracticality or Scope</title>
+<rationale>
+The guidance does not meet this requirement.
+The requirement is impractical or out of scope.
+</rationale>
+<ocil>
+AlmaLinux 9 cannot support this requirement without assistance from an external
+application, policy, or service. This requirement is NA.
+</ocil>
+<description>
+This requirement is NA. No fix is required.
+</description>
+<!-- Note: This XCCDF rule is used to group DISA requirements. As such,
+ it should not have CCE association -->
+<ref disa="27,218,219,371,372,535,537,539,1682,370,37,24,1112,1126,1143,1149,1157,1159,1210,1211,1274,1372,1376,1377,1352,1401,1555,1556,1150" />
+</Rule>
+
+<Rule id="update_process">
+<title>A process for prompt installation of OS updates must exist.</title>
+<rationale>
+This is a manual inquiry about update procedure.
+</rationale>
+<ocil>
+Ask an administrator if a process exists to promptly and automatically apply OS
+software updates. If such a process does not exist, this is a finding.
+<br /><br />
+If the OS update process limits automatic updates of software packages, where
+such updates would impede normal system operation, to scheduled maintenance
+windows, but still within IAVM-dictated timeframes, this is not a finding.
+</ocil>
+<description>
+Procedures to promptly apply software updates must be established and
+executed. The AlmaLinux operating system provides support for automating such a
+process, by running the yum program through a cron job or by managing the
+system and its packages through the Foreman.
+</description>
+<ref disa="1232" />
+<!-- Note: This is a process, as such, will not receive a CCE -->
+</Rule>
+
+</Group>
diff --git a/products/almalinux9/product.yml b/products/almalinux9/product.yml
new file mode 100644
index 000000000..11ab5bae6
--- /dev/null
+++ b/products/almalinux9/product.yml
@@ -0,0 +1,52 @@
+product: almalinux9
+full_name: AlmaLinux 9
+type: platform
+
+families:
+ - rhel
+ - rhel-like
+
+major_version_ordinal: 9
+
+benchmark_id: ALMALINUX-9
+benchmark_root: "../../linux_os/guide"
+components_root: "../../components"
+
+profiles_root: "./profiles"
+
+pkg_manager: "dnf"
+
+init_system: "systemd"
+
+# EFI and non-EFI configs are stored in same path, see https://fedoraproject.org/wiki/Changes/UnifyGrubConfig
+
+groups:
+ dedicated_ssh_keyowner:
+ name: ssh_keys
+
+sshd_distributed_config: "true"
+
+dconf_gdm_dir: "distro.d"
+
+faillock_path: "/var/log/faillock"
+
+pkg_release: "61e69f29"
+pkg_version: "b86b3716"
+
+release_key_fingerprint: "BF18AC2876178908D6E71267D36CB86CB86B3716"
+oval_feed_url: "https://security.almalinux.org/oval/org.almalinux.alsa-9.xml.bz2"
+
+cpes_root: "../../shared/applicability"
+cpes:
+ - almalinux9:
+ name: "cpe:/o:almalinux:almalinux:9"
+ title: "AlmaLinux 9"
+ check_id: installed_OS_is_almalinux9
+
+# Mapping of CPE platform to package
+platform_package_overrides:
+ login_defs: "shadow-utils"
+
+reference_uris:
+ cis: 'https://www.cisecurity.org/benchmark/almalinuxos_linux/'
+ ccn: 'https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html'
diff --git a/products/almalinux9/profiles/anssi_bp28_enhanced.profile b/products/almalinux9/profiles/anssi_bp28_enhanced.profile
new file mode 100644
index 000000000..62cbe1715
--- /dev/null
+++ b/products/almalinux9/profiles/anssi_bp28_enhanced.profile
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - yuumasato
+
+title: 'ANSSI-BP-028 (enhanced)'
+
+description: |-
+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the enhanced hardening level.
+
+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+ A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+selections:
+ - anssi:all:enhanced
diff --git a/products/almalinux9/profiles/anssi_bp28_high.profile b/products/almalinux9/profiles/anssi_bp28_high.profile
new file mode 100644
index 000000000..204e141b1
--- /dev/null
+++ b/products/almalinux9/profiles/anssi_bp28_high.profile
@@ -0,0 +1,21 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - yuumasato
+
+title: 'ANSSI-BP-028 (high)'
+
+description: |-
+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the high hardening level.
+
+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+ A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+selections:
+ - anssi:all:high
+ # the following rule renders UEFI systems unbootable
+ - '!sebool_secure_mode_insmod'
diff --git a/products/almalinux9/profiles/anssi_bp28_intermediary.profile b/products/almalinux9/profiles/anssi_bp28_intermediary.profile
new file mode 100644
index 000000000..81b684668
--- /dev/null
+++ b/products/almalinux9/profiles/anssi_bp28_intermediary.profile
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - yuumasato
+
+title: 'ANSSI-BP-028 (intermediary)'
+
+description: |-
+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the intermediary hardening level.
+
+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+ A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+selections:
+ - anssi:all:intermediary
diff --git a/products/almalinux9/profiles/anssi_bp28_minimal.profile b/products/almalinux9/profiles/anssi_bp28_minimal.profile
new file mode 100644
index 000000000..79a63fd43
--- /dev/null
+++ b/products/almalinux9/profiles/anssi_bp28_minimal.profile
@@ -0,0 +1,20 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - yuumasato
+
+title: 'ANSSI-BP-028 (minimal)'
+
+description: |-
+ This profile contains configurations that align to ANSSI-BP-028 v2.0 at the minimal hardening level.
+
+ ANSSI is the French National Information Security Agency, and stands for Agence nationale de la sécurité des systèmes d'information.
+ ANSSI-BP-028 is a configuration recommendation for GNU/Linux systems.
+
+ A copy of the ANSSI-BP-028 can be found at the ANSSI website:
+ https://www.ssi.gouv.fr/administration/guide/recommandations-de-securite-relatives-a-un-systeme-gnulinux/
+
+selections:
+ - anssi:all:minimal
+
diff --git a/products/almalinux9/profiles/ccn_advanced.profile b/products/almalinux9/profiles/ccn_advanced.profile
new file mode 100644
index 000000000..7020ad66a
--- /dev/null
+++ b/products/almalinux9/profiles/ccn_advanced.profile
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - marcusburghardt
+
+reference: https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html
+
+title: 'CCN Red Hat Enterprise Linux 9 - Advanced'
+
+description: |-
+ This profile defines a baseline that aligns with the "Advanced" configuration of the
+ CCN-STIC-610A22 Guide issued by the National Cryptological Center of Spain in 2022-10.
+
+ The CCN-STIC-610A22 guide includes hardening settings for Red Hat Enterprise Linux 9 at basic,
+ intermediate, and advanced levels.
+
+selections:
+ - ccn_rhel9:all:advanced
diff --git a/products/almalinux9/profiles/ccn_basic.profile b/products/almalinux9/profiles/ccn_basic.profile
new file mode 100644
index 000000000..29dae54aa
--- /dev/null
+++ b/products/almalinux9/profiles/ccn_basic.profile
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - marcusburghardt
+
+reference: https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html
+
+title: 'CCN Red Hat Enterprise Linux 9 - Basic'
+
+description: |-
+ This profile defines a baseline that aligns with the "Basic" configuration of the
+ CCN-STIC-610A22 Guide issued by the National Cryptological Center of Spain in 2022-10.
+
+ The CCN-STIC-610A22 guide includes hardening settings for Red Hat Enterprise Linux 9 at basic,
+ intermediate, and advanced levels.
+
+selections:
+ - ccn_rhel9:all:basic
diff --git a/products/almalinux9/profiles/ccn_intermediate.profile b/products/almalinux9/profiles/ccn_intermediate.profile
new file mode 100644
index 000000000..d9dea2fc9
--- /dev/null
+++ b/products/almalinux9/profiles/ccn_intermediate.profile
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - marcusburghardt
+
+reference: https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html
+
+title: 'CCN Red Hat Enterprise Linux 9 - Intermediate'
+
+description: |-
+ This profile defines a baseline that aligns with the "Intermediate" configuration of the
+ CCN-STIC-610A22 Guide issued by the National Cryptological Center of Spain in 2022-10.
+
+ The CCN-STIC-610A22 guide includes hardening settings for Red Hat Enterprise Linux 9 at basic,
+ intermediate, and advanced levels.
+
+selections:
+ - ccn_rhel9:all:intermediate
diff --git a/products/almalinux9/profiles/cis.profile b/products/almalinux9/profiles/cis.profile
new file mode 100644
index 000000000..4dc49aaf1
--- /dev/null
+++ b/products/almalinux9/profiles/cis.profile
@@ -0,0 +1,23 @@
+documentation_complete: true
+
+metadata:
+ version: 1.0.0
+ SMEs:
+ - marcusburghardt
+ - vojtapolasek
+ - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Server'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 2 - Server"
+ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
+ AlmaLinux OS 9 CIS Benchmarks™ content.
+
+selections:
+ - cis_rhel9:all:l2_server
diff --git a/products/almalinux9/profiles/cis_server_l1.profile b/products/almalinux9/profiles/cis_server_l1.profile
new file mode 100644
index 000000000..c3bec0982
--- /dev/null
+++ b/products/almalinux9/profiles/cis_server_l1.profile
@@ -0,0 +1,23 @@
+documentation_complete: true
+
+metadata:
+ version: 1.0.0
+ SMEs:
+ - marcusburghardt
+ - vojtapolasek
+ - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Server'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 1 - Server"
+ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
+ AlmaLinux OS 9 CIS Benchmarks™ content.
+
+selections:
+ - cis_rhel9:all:l1_server
diff --git a/products/almalinux9/profiles/cis_workstation_l1.profile b/products/almalinux9/profiles/cis_workstation_l1.profile
new file mode 100644
index 000000000..8ac724cc8
--- /dev/null
+++ b/products/almalinux9/profiles/cis_workstation_l1.profile
@@ -0,0 +1,23 @@
+documentation_complete: true
+
+metadata:
+ version: 1.0.0
+ SMEs:
+ - marcusburghardt
+ - vojtapolasek
+ - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 1 - Workstation'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 1 - Workstation"
+ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
+ AlmaLinux OS 9 CIS Benchmarks™ content.
+
+selections:
+ - cis_rhel9:all:l1_workstation
diff --git a/products/almalinux9/profiles/cis_workstation_l2.profile b/products/almalinux9/profiles/cis_workstation_l2.profile
new file mode 100644
index 000000000..1f2cb0f27
--- /dev/null
+++ b/products/almalinux9/profiles/cis_workstation_l2.profile
@@ -0,0 +1,24 @@
+documentation_complete: true
+
+metadata:
+ version: 1.0.0
+ SMEs:
+ - marcusburghardt
+ - vojtapolasek
+ - yuumasato
+
+reference: https://www.cisecurity.org/benchmark/red_hat_linux/
+
+title: 'CIS AlmaLinux OS 9 Benchmark for Level 2 - Workstation'
+
+description: |-
+ This profile defines a baseline that aligns to the "Level 2 - Workstation"
+ configuration from the Center for Internet Security®
+ AlmaLinux OS 9 Benchmark™, v1.0.0, released 2022-12-12.
+
+ This profile includes Center for Internet Security®
+ AlmaLinux OS 9 CIS Benchmarks™ content.
+
+selections:
+ - cis_rhel9:all:l2_workstation
+ - '!package_avahi_removed'
diff --git a/products/almalinux9/profiles/cui.profile b/products/almalinux9/profiles/cui.profile
new file mode 100644
index 000000000..3f278237b
--- /dev/null
+++ b/products/almalinux9/profiles/cui.profile
@@ -0,0 +1,32 @@
+documentation_complete: true
+
+metadata:
+ version: TBD
+ SMEs:
+ - ggbecker
+
+title: '[DRAFT] Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)'
+
+description: |-
+ From NIST 800-171, Section 2.2:
+ Security requirements for protecting the confidentiality of CUI in nonfederal
+ information systems and organizations have a well-defined structure that
+ consists of:
+
+ (i) a basic security requirements section;
+ (ii) a derived security requirements section.
+
+ The basic security requirements are obtained from FIPS Publication 200, which
+ provides the high-level and fundamental security requirements for federal
+ information and information systems. The derived security requirements, which
+ supplement the basic security requirements, are taken from the security controls
+ in NIST Special Publication 800-53.
+
+ This profile configures Red Hat Enterprise Linux 9 to the NIST Special
+ Publication 800-53 controls identified for securing Controlled Unclassified
+ Information (CUI)."
+
+extends: ospp
+
+selections:
+ - inactivity_timeout_value=10_minutes
diff --git a/products/almalinux9/profiles/e8.profile b/products/almalinux9/profiles/e8.profile
new file mode 100644
index 000000000..79f116d1d
--- /dev/null
+++ b/products/almalinux9/profiles/e8.profile
@@ -0,0 +1,153 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - shaneboulden
+ - tjbutt58
+
+reference: https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
+
+title: 'Australian Cyber Security Centre (ACSC) Essential Eight'
+
+description: |-
+ This profile contains configuration checks for Red Hat Enterprise Linux 9
+ that align to the Australian Cyber Security Centre (ACSC) Essential Eight.
+
+ A copy of the Essential Eight in Linux Environments guide can be found at the
+ ACSC website:
+
+ https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-linux-workstations-and-servers
+
+selections:
+
+ ### Remove obsolete packages
+ - package_talk_removed
+ - package_talk-server_removed
+ - package_xinetd_removed
+ - service_xinetd_disabled
+ - package_ypbind_removed
+ - package_telnet_removed
+ - service_telnet_disabled
+ - package_telnet-server_removed
+ - package_rsh_removed
+ - package_rsh-server_removed
+ - service_zebra_disabled
+ - package_quagga_removed
+ - service_avahi-daemon_disabled
+ - package_squid_removed
+ - service_squid_disabled
+
+ ### Software update
+ - ensure_almalinux_gpgkey_installed
+ - ensure_gpgcheck_never_disabled
+ - ensure_gpgcheck_local_packages
+ - ensure_gpgcheck_globally_activated
+ - security_patches_up_to_date
+ - dnf-automatic_security_updates_only
+
+ ### System security settings
+ - sysctl_kernel_randomize_va_space
+ - sysctl_kernel_exec_shield
+ - sysctl_kernel_kptr_restrict
+ - sysctl_kernel_dmesg_restrict
+ - sysctl_kernel_kexec_load_disabled
+ - sysctl_kernel_yama_ptrace_scope
+ - sysctl_kernel_unprivileged_bpf_disabled
+ - sysctl_net_core_bpf_jit_harden
+
+ ### SELinux
+ - var_selinux_state=enforcing
+ - selinux_state
+ - var_selinux_policy_name=targeted
+ - selinux_policytype
+
+ ### Filesystem integrity
+ - rpm_verify_hashes
+ - rpm_verify_permissions
+ - rpm_verify_ownership
+ - file_permissions_unauthorized_sgid
+ - file_permissions_unauthorized_suid
+ - file_permissions_unauthorized_world_writable
+ - dir_perms_world_writable_sticky_bits
+ - file_permissions_library_dirs
+ - file_ownership_binary_dirs
+ - file_permissions_binary_dirs
+ - file_ownership_library_dirs
+
+ ### Passwords
+ - var_authselect_profile=sssd
+ - enable_authselect
+ - no_empty_passwords
+
+ ### Partitioning
+ - mount_option_dev_shm_nodev
+ - mount_option_dev_shm_nosuid
+ - mount_option_dev_shm_noexec
+
+ ### Network
+ - package_firewalld_installed
+ - service_firewalld_enabled
+ - network_sniffer_disabled
+
+ ### Admin privileges
+ - accounts_no_uid_except_zero
+ - sudo_remove_nopasswd
+ - sudo_remove_no_authenticate
+ - sudo_require_authentication
+
+ ### Audit
+ - package_rsyslog_installed
+ - service_rsyslog_enabled
+ - service_auditd_enabled
+ - var_auditd_flush=incremental_async
+ - auditd_data_retention_flush
+ - auditd_local_events
+ - auditd_write_logs
+ - auditd_log_format
+ - auditd_freq
+ - auditd_name_format
+ - audit_rules_login_events_tallylog
+ - audit_rules_login_events_faillock
+ - audit_rules_login_events_lastlog
+ - audit_rules_login_events
+ - audit_rules_time_adjtimex
+ - audit_rules_time_clock_settime
+ - audit_rules_time_watch_localtime
+ - audit_rules_time_settimeofday
+ - audit_rules_time_stime
+ - audit_rules_execution_restorecon
+ - audit_rules_execution_chcon
+ - audit_rules_execution_semanage
+ - audit_rules_execution_setsebool
+ - audit_rules_execution_setfiles
+ - audit_rules_execution_seunshare
+ - audit_rules_sysadmin_actions
+ - audit_rules_networkconfig_modification
+ - audit_rules_usergroup_modification
+ - audit_rules_dac_modification_chmod
+ - audit_rules_dac_modification_chown
+ - audit_rules_kernel_module_loading
+
+ ### Secure access
+ - sshd_use_directory_configuration
+ - sshd_disable_root_login
+ - sshd_disable_gssapi_auth
+ - sshd_print_last_log
+ - sshd_do_not_permit_user_env
+ - sshd_disable_rhosts
+ - sshd_set_loglevel_info
+ - sshd_disable_empty_passwords
+ - sshd_disable_user_known_hosts
+ - sshd_enable_strictmodes
+
+ # See also: https://www.cyber.gov.au/acsc/view-all-content/guidance/asd-approved-cryptographic-algorithms
+ - var_system_crypto_policy=default_nosha1
+ - configure_crypto_policy
+ - configure_ssh_crypto_policy
+
+ ### Application whitelisting
+ - package_fapolicyd_installed
+ - service_fapolicyd_enabled
+
+ ### Backup
+ - package_rear_installed
diff --git a/products/almalinux9/profiles/hipaa.profile b/products/almalinux9/profiles/hipaa.profile
new file mode 100644
index 000000000..976fc1e72
--- /dev/null
+++ b/products/almalinux9/profiles/hipaa.profile
@@ -0,0 +1,166 @@
+documentation_complete: True
+
+metadata:
+ SMEs:
+ - jjaswanson4
+
+reference: https://www.hhs.gov/hipaa/for-professionals/index.html
+
+title: 'Health Insurance Portability and Accountability Act (HIPAA)'
+
+description: |-
+ The HIPAA Security Rule establishes U.S. national standards to protect individuals
+ electronic personal health information that is created, received, used, or
+ maintained by a covered entity. The Security Rule requires appropriate
+ administrative, physical and technical safeguards to ensure the
+ confidentiality, integrity, and security of electronic protected health
+ information.
+
+ This profile configures Red Hat Enterprise Linux 9 to the HIPAA Security
+ Rule identified for securing of electronic protected health information.
+ Use of this profile in no way guarantees or makes claims against legal compliance against the HIPAA Security Rule(s).
+
+selections:
+ - grub2_password
+ - grub2_uefi_password
+ - file_groupowner_grub2_cfg
+ - file_owner_grub2_cfg
+ - grub2_disable_interactive_boot
+ - no_direct_root_logins
+ - no_empty_passwords
+ - require_singleuser_auth
+ - restrict_serial_port_logins
+ - securetty_root_login_console_only
+ - service_debug-shell_disabled
+ - disable_ctrlaltdel_reboot
+ - disable_ctrlaltdel_burstaction
+ - dconf_db_up_to_date
+ - dconf_gnome_remote_access_credential_prompt
+ - dconf_gnome_remote_access_encryption
+ - sshd_use_directory_configuration
+ - sshd_disable_empty_passwords
+ - sshd_disable_root_login
+ - libreswan_approved_tunnels
+ - no_rsh_trust_files
+ - package_rsh-server_removed
+ - package_talk_removed
+ - package_talk-server_removed
+ - package_telnet_removed
+ - package_telnet-server_removed
+ - package_xinetd_removed
+ - service_crond_enabled
+ - service_rexec_disabled
+ - service_rlogin_disabled
+ - service_telnet_disabled
+ - service_xinetd_disabled
+ - service_zebra_disabled
+ - use_kerberos_security_all_exports
+ - var_authselect_profile=sssd
+ - enable_authselect
+ - disable_host_auth
+ - sshd_allow_only_protocol2
+ - sshd_disable_compression
+ - sshd_disable_gssapi_auth
+ - sshd_disable_kerb_auth
+ - sshd_do_not_permit_user_env
+ - sshd_enable_strictmodes
+ - sshd_enable_warning_banner
+ - var_sshd_set_keepalive=0
+ - encrypt_partitions
+ - var_system_crypto_policy=fips
+ - configure_crypto_policy
+ - configure_ssh_crypto_policy
+ - var_selinux_policy_name=targeted
+ - var_selinux_state=enforcing
+ - grub2_enable_selinux
+ - sebool_selinuxuser_execheap
+ - sebool_selinuxuser_execmod
+ - sebool_selinuxuser_execstack
+ - selinux_confinement_of_daemons
+ - selinux_policytype
+ - selinux_state
+ - service_kdump_disabled
+ - sysctl_fs_suid_dumpable
+ - sysctl_kernel_dmesg_restrict
+ - sysctl_kernel_exec_shield
+ - sysctl_kernel_randomize_va_space
+ - rpm_verify_hashes
+ - rpm_verify_permissions
+ - ensure_almalinux_gpgkey_installed
+ - ensure_gpgcheck_globally_activated
+ - ensure_gpgcheck_never_disabled
+ - ensure_gpgcheck_local_packages
+ - grub2_audit_argument
+ - service_auditd_enabled
+ - audit_rules_privileged_commands_sudo
+ - audit_rules_privileged_commands_su
+ - audit_rules_immutable
+ - kernel_module_usb-storage_disabled
+ - service_autofs_disabled
+ - auditd_audispd_syslog_plugin_activated
+ - rsyslog_remote_loghost
+ - auditd_data_retention_flush
+ - audit_rules_dac_modification_chmod
+ - audit_rules_dac_modification_chown
+ - audit_rules_dac_modification_fchmodat
+ - audit_rules_dac_modification_fchmod
+ - audit_rules_dac_modification_fchownat
+ - audit_rules_dac_modification_fchown
+ - audit_rules_dac_modification_fremovexattr
+ - audit_rules_dac_modification_fsetxattr
+ - audit_rules_dac_modification_lchown
+ - audit_rules_dac_modification_lremovexattr
+ - audit_rules_dac_modification_lsetxattr
+ - audit_rules_dac_modification_removexattr
+ - audit_rules_dac_modification_setxattr
+ - audit_rules_execution_chcon
+ - audit_rules_execution_restorecon
+ - audit_rules_execution_semanage
+ - audit_rules_execution_setsebool
+ - audit_rules_file_deletion_events_renameat
+ - audit_rules_file_deletion_events_rename
+ - audit_rules_file_deletion_events_rmdir
+ - audit_rules_file_deletion_events_unlinkat
+ - audit_rules_file_deletion_events_unlink
+ - audit_rules_kernel_module_loading_delete
+ - audit_rules_kernel_module_loading_init
+ - audit_rules_login_events_faillock
+ - audit_rules_login_events_lastlog
+ - audit_rules_login_events_tallylog
+ - audit_rules_mac_modification
+ - audit_rules_media_export
+ - audit_rules_networkconfig_modification
+ - audit_rules_privileged_commands_chage
+ - audit_rules_privileged_commands_chsh
+ - audit_rules_privileged_commands_crontab
+ - audit_rules_privileged_commands_gpasswd
+ - audit_rules_privileged_commands_newgrp
+ - audit_rules_privileged_commands_pam_timestamp_check
+ - audit_rules_privileged_commands_passwd
+ - audit_rules_privileged_commands_postdrop
+ - audit_rules_privileged_commands_postqueue
+ - audit_rules_privileged_commands_ssh_keysign
+ - audit_rules_privileged_commands_sudoedit
+ - audit_rules_privileged_commands_umount
+ - audit_rules_privileged_commands_unix_chkpwd
+ - audit_rules_privileged_commands_userhelper
+ - audit_rules_session_events
+ - audit_rules_sysadmin_actions
+ - audit_rules_system_shutdown
+ - var_audit_failure_mode=panic
+ - audit_rules_time_adjtimex
+ - audit_rules_time_clock_settime
+ - audit_rules_time_settimeofday
+ - audit_rules_time_stime
+ - audit_rules_time_watch_localtime
+ - audit_rules_unsuccessful_file_modification_creat
+ - audit_rules_unsuccessful_file_modification_ftruncate
+ - audit_rules_unsuccessful_file_modification_openat
+ - audit_rules_unsuccessful_file_modification_open_by_handle_at
+ - audit_rules_unsuccessful_file_modification_open
+ - audit_rules_unsuccessful_file_modification_truncate
+ - audit_rules_usergroup_modification_group
+ - audit_rules_usergroup_modification_gshadow
+ - audit_rules_usergroup_modification_opasswd
+ - audit_rules_usergroup_modification_passwd
+ - audit_rules_usergroup_modification_shadow
diff --git a/products/almalinux9/profiles/ism_o.profile b/products/almalinux9/profiles/ism_o.profile
new file mode 100644
index 000000000..3cd0db691
--- /dev/null
+++ b/products/almalinux9/profiles/ism_o.profile
@@ -0,0 +1,138 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - shaneboulden
+ - wcushen
+ - eliseelk
+ - sashperso
+ - anjuskantha
+
+reference: https://www.cyber.gov.au/ism
+
+title: 'Australian Cyber Security Centre (ACSC) ISM Official'
+
+description: |-
+ This profile contains configuration checks for Red Hat Enterprise Linux 9
+ that align to the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM)
+ with the applicability marking of OFFICIAL.
+
+ The ISM uses a risk-based approach to cyber security. This profile provides a guide to aligning
+ Red Hat Enterprise Linux security controls with the ISM, which can be used to select controls
+ specific to an organisation's security posture and risk profile.
+
+ A copy of the ISM can be found at the ACSC website:
+
+ https://www.cyber.gov.au/ism
+
+extends: e8
+
+selections:
+
+ ## Operating system configuration
+ ## Identifiers 1491
+ - no_shelllogin_for_systemaccounts
+
+ ## Local administrator accounts
+ ## Identifiers 1382 / 1410
+ - accounts_password_all_shadowed
+ - package_sudo_installed
+
+ ## Content filtering & Anti virus
+ ## Identifiers 0576 / 1341 / 1034 / 1417 / 1288
+ - package_aide_installed
+
+ ## Software firewall
+ ## Identifiers 1416
+ - configure_firewalld_ports
+ ## Removing due to build error
+ ## - configure_firewalld_rate_limiting
+ - firewalld_sshd_port_enabled
+ - set_firewalld_default_zone
+
+ ## Endpoint device control software
+ ## Identifiers 1418
+ - package_usbguard_installed
+ - service_usbguard_enabled
+ - usbguard_allow_hid_and_hub
+
+ ## Authentication hardening
+ ## Identifiers 1546 / 0974 / 1173 / 1504 / 1505 / 1401 / 1559 / 1560
+ ## 1561 / 1546 / 0421 / 1557 / 0422 / 1558 / 1403 / 0431
+ - sshd_use_directory_configuration
+ - sshd_max_auth_tries_value=5
+ - disable_host_auth
+ - require_emergency_target_auth
+ - require_singleuser_auth
+ - sshd_disable_kerb_auth
+ - sshd_set_max_auth_tries
+
+ ## Password authentication & Protecting credentials
+ ## Identifiers 0421 / 0431 / 0418 / 1402
+ - var_password_pam_minlen=14
+ - var_accounts_password_warn_age_login_defs=7
+ - var_accounts_minimum_age_login_defs=1
+ - var_accounts_maximum_age_login_defs=60
+ - var_authselect_profile=sssd
+ - enable_authselect
+ - accounts_password_warn_age_login_defs
+ - accounts_maximum_age_login_defs
+ - accounts_minimum_age_login_defs
+ - accounts_passwords_pam_faillock_interval
+ - accounts_passwords_pam_faillock_unlock_time
+ - accounts_passwords_pam_faillock_deny
+ - accounts_passwords_pam_faillock_deny_root
+ - accounts_password_pam_minlen
+
+ ## Centralised logging facility
+ ## Identifiers 1405 / 0988
+ - rsyslog_cron_logging
+ - rsyslog_files_groupownership
+ - rsyslog_files_ownership
+ - rsyslog_files_permissions
+ - rsyslog_nolisten
+ - rsyslog_remote_loghost
+ - rsyslog_remote_tls
+ - rsyslog_remote_tls_cacert
+ - package_chrony_installed
+ - service_chronyd_enabled
+ # - chronyd_specify_multiple_servers
+ - chronyd_specify_remote_server
+
+ ## Events to be logged
+ ## Identifiers 0580 / 0584 / 0582 / 0585 / 0586 / 0846 / 0957
+ - display_login_attempts
+ - sebool_auditadm_exec_content
+ - audit_rules_privileged_commands
+ - audit_rules_session_events
+ - audit_rules_unsuccessful_file_modification
+ - audit_access_failed
+ - audit_access_success
+
+ ## Web application & Database servers
+ ## Identifiers 1552 / 1277
+
+ ## Network design and configuration
+ ## Identifiers 1055 / 1311
+ - network_nmcli_permissions
+ - service_snmpd_disabled
+ - snmpd_use_newer_protocol
+
+ ## Wireless networks
+ ## Identifiers 1315
+ - wireless_disable_interfaces
+
+ ## ASD Approved Cryptographic Algorithms
+ ## Identifiers 0471 / 0472 / 0473 / 0474 / 0475 / 0476 / 0477 /
+ ## 0479 / 0480 / 0481 / 0489 / 0497 / 0994 / 0998 / 1001 / 1139 /
+ ## 1372 / 1373 / 1374 / 1375
+ - enable_fips_mode
+ - var_system_crypto_policy=fips
+ - configure_crypto_policy
+
+ ## Secure Shell access
+ ## Identifiers 0484 / 1506 / 1449 / 0487
+ - sshd_allow_only_protocol2
+ - sshd_enable_warning_banner
+ - sshd_disable_x11_forwarding
+ - file_permissions_sshd_private_key
diff --git a/products/almalinux9/profiles/ospp.profile b/products/almalinux9/profiles/ospp.profile
new file mode 100644
index 000000000..9626a82be
--- /dev/null
+++ b/products/almalinux9/profiles/ospp.profile
@@ -0,0 +1,347 @@
+documentation_complete: true
+
+metadata:
+ version: 4.2.1
+ SMEs:
+ - comps
+ - stevegrubb
+
+reference: https://www.niap-ccevs.org/Profile/Info.cfm?PPID=442&id=442
+
+title: 'Protection Profile for General Purpose Operating Systems'
+
+description: |-
+ This profile is part of Red Hat Enterprise Linux 9 Common Criteria Guidance
+ documentation for Target of Evaluation based on Protection Profile for
+ General Purpose Operating Systems (OSPP) version 4.2.1 and Functional
+ Package for SSH version 1.0.
+
+ Where appropriate, CNSSI 1253 or DoD-specific values are used for
+ configuration, based on Configuration Annex to the OSPP.
+
+selections:
+
+ #######################################################
+ ### GENERAL REQUIREMENTS
+ ### Things needed to meet OSPP functional requirements.
+ #######################################################
+
+ ### Partitioning
+ - partition_for_var_log_audit
+ - mount_option_var_log_audit_nodev
+ - mount_option_var_log_audit_nosuid
+ - mount_option_var_log_audit_noexec
+
+ ### Services
+ # sshd
+ - sshd_use_directory_configuration
+ - sshd_disable_root_login
+ - disable_host_auth
+ - sshd_disable_empty_passwords
+ - sshd_disable_kerb_auth
+ - sshd_disable_gssapi_auth
+ - sshd_rekey_limit
+ - var_rekey_limit_size=1G
+ - var_rekey_limit_time=1hour
+
+ # Time Server
+ - chronyd_client_only
+
+ ### systemd
+ - disable_ctrlaltdel_reboot
+ - disable_ctrlaltdel_burstaction
+ - service_debug-shell_disabled
+ - grub2_systemd_debug-shell_argument_absent
+
+ ### Software update
+ - ensure_almalinux_gpgkey_installed
+ - ensure_gpgcheck_globally_activated
+ - ensure_gpgcheck_local_packages
+ - ensure_gpgcheck_never_disabled
+
+ ### Kernel Config
+ ## Boot prompt
+ - grub2_audit_argument
+ - grub2_audit_backlog_limit_argument
+ - grub2_vsyscall_argument
+ - grub2_init_on_alloc_argument
+ - grub2_page_alloc_shuffle_argument
+
+ ## Security Settings
+ - sysctl_kernel_kptr_restrict
+ - sysctl_kernel_dmesg_restrict
+ - sysctl_kernel_kexec_load_disabled
+ - sysctl_kernel_yama_ptrace_scope
+ - sysctl_kernel_perf_event_paranoid
+ - sysctl_user_max_user_namespaces
+ - sysctl_kernel_unprivileged_bpf_disabled_accept_default
+ - sysctl_kernel_unprivileged_bpf_disabled_value=2
+ - service_kdump_disabled
+
+ ### Audit
+ - service_auditd_enabled
+ - var_auditd_flush=incremental_async
+ - auditd_data_retention_flush
+ - auditd_log_format
+ - auditd_freq
+ - auditd_name_format
+
+ ### Module Disabled
+ - kernel_module_bluetooth_disabled
+ - kernel_module_sctp_disabled
+ - kernel_module_can_disabled
+ - kernel_module_tipc_disabled
+
+ ### rpcbind
+
+ ### Install Required Packages
+ - package_dnf-automatic_installed
+ - package_subscription-manager_installed
+ - package_firewalld_installed
+ - package_openscap-scanner_installed
+ - package_sudo_installed
+ - package_usbguard_installed
+ - package_scap-security-guide_installed
+ - package_audit_installed
+ - package_crypto-policies_installed
+ - package_openssh-server_installed
+ - package_openssh-clients_installed
+ - package_chrony_installed
+ - package_gnutls-utils_installed
+
+ ### Login
+ - sysctl_kernel_core_pattern_empty_string
+ - sysctl_kernel_core_uses_pid
+ - service_systemd-coredump_disabled
+ - var_authselect_profile=minimal
+ - enable_authselect
+ - use_pam_wheel_for_su
+
+ ### SELinux Configuration
+ - var_selinux_state=enforcing
+ - selinux_state
+ - var_selinux_policy_name=targeted
+ - selinux_policytype
+
+ ### Application Whitelisting (RHEL 9)
+ - package_fapolicyd_installed
+ - service_fapolicyd_enabled
+
+ ### Configure USBGuard
+ - service_usbguard_enabled
+ - configure_usbguard_auditbackend
+ - usbguard_allow_hid_and_hub
+
+
+ ### Enable / Configure FIPS
+ - enable_fips_mode
+ - var_system_crypto_policy=fips_ospp
+ - configure_crypto_policy
+ - configure_ssh_crypto_policy
+ - configure_openssl_crypto_policy
+ - enable_dracut_fips_module
+
+ #######################################################
+ ### CONFIGURATION ANNEX TO THE PROTECTION PROFILE
+ ### FOR GENERAL PURPOSE OPERATING SYSTEMS
+ ### ANNEX RELEASE 1
+ ### FOR PROTECTION PROFILE VERSIONS 4.2
+ ###
+ ### https://www.niap-ccevs.org/MMO/PP/-442ConfigAnnex-/
+ #######################################################
+
+ ## Configure Minimum Password Length to 12 Characters
+ ## IA-5 (1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - var_password_pam_minlen=12
+ - accounts_password_pam_minlen
+
+ ## Require at Least 1 Special Character in Password
+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - var_password_pam_ocredit=1
+ - accounts_password_pam_ocredit
+
+ ## Require at Least 1 Numeric Character in Password
+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - var_password_pam_dcredit=1
+ - accounts_password_pam_dcredit
+
+ ## Require at Least 1 Uppercase Character in Password
+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - var_password_pam_ucredit=1
+ - accounts_password_pam_ucredit
+
+ ## Require at Least 1 Lowercase Character in Password
+ ## IA-5(1)(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - var_password_pam_lcredit=1
+ - accounts_password_pam_lcredit
+
+ ## Enable Screen Lock
+ ## FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - package_tmux_installed
+ - configure_bashrc_exec_tmux
+ - no_tmux_in_shells
+ - configure_tmux_lock_command
+
+ ## Set Screen Lock Timeout Period to 30 Minutes or Less
+ ## AC-11(a) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - configure_tmux_lock_after_time
+
+ ## Disable Unauthenticated Login (such as Guest Accounts)
+ ## FIA_UAU.1
+ - require_singleuser_auth
+ - grub2_disable_recovery
+ - grub2_uefi_password
+ - no_empty_passwords
+
+ ## Set Maximum Number of Authentication Failures to 3 Within 15 Minutes
+ ## AC-7 / FIA_AFL.1
+ - var_accounts_passwords_pam_faillock_deny=3
+ - accounts_passwords_pam_faillock_deny
+ - var_accounts_passwords_pam_faillock_fail_interval=900
+ - accounts_passwords_pam_faillock_interval
+ - var_accounts_passwords_pam_faillock_unlock_time=never
+ - accounts_passwords_pam_faillock_unlock_time
+
+ ## Enable Host-Based Firewall
+ ## SC-7(12) / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ - service_firewalld_enabled
+
+ ## Configure Name/Addres of Remote Management Server
+ ## From Which to Receive Config Settings
+ ## CM-3(3) / FMT_MOF_EXT.1
+ # Management server not selected in FTP_ITC_EXT.1
+
+ ## Configure the System to Offload Audit Records to a Log
+ ## Server
+ ## AU-4(1) / FAU_GEN.1.1.c
+ # Audit server not selected in FTP_ITC_EXT.1
+
+ ## Set Logon Warning Banner
+ ## AC-8(a) / FMT_MOF_EXT.1 (FTA_TAB.1)
+ - sshd_enable_warning_banner
+
+ ## Audit All Logons (Success/Failure) and Logoffs (Success)
+ ## CNSSI 1253 Value or DoD-Specific Values:
+ ## (1) Logons (Success/Failure)
+ ## (2) Logoffs (Success)
+ ## AU-2(a) / FAU_GEN.1.1.c
+
+ ## Audit File and Object Events (Unsuccessful)
+ ## CNSSI 1253 Value or DoD-specific Values:
+ ## (1) Create (Success/Failure)
+ ## (2) Access (Success/Failure)
+ ## (3) Delete (Sucess/Failure)
+ ## (4) Modify (Success/Failure)
+ ## (5) Permission Modification (Sucess/Failure)
+ ## (6) Ownership Modification (Success/Failure)
+ ## AU-2(a) / FAU_GEN.1.1.c
+ ##
+ ##
+ ## (1) Create (Success/Failure)
+ ## (open with O_CREAT)
+ ## (2) Access (Success/Failure)
+ ## (3) Delete (Success/Failure)
+ ## (4) Modify (Success/Failure)
+ ## (5) Permission Modification (Success/Failure)
+ ## (6) Ownership Modification (Success/Failure)
+
+ ## Audit User and Group Management Events (Success/Failure)
+ ## CNSSI 1253 Value or DoD-specific Values:
+ ## (1) User add, delete, modify, disable, enable (Success/Failure)
+ ## (2) Group/Role add, delete, modify (Success/Failure)
+ ## AU-2(a) / FAU_GEN.1.1.c
+ ##
+ ## Generic User and Group Management Events (Success/Failure)
+ ## Selection of setuid programs that relate to
+ ## user accounts.
+ ##
+ ## CNSSI 1253: (1) User add, delete, modify, disable, enable (Success/Failure)
+ ##
+ ## CNSSI 1252: (2) Group/Role add, delete, modify (Success/Failure)
+ ##
+ ## Audit Privilege or Role Escalation Events (Success/Failure)
+ ## CNSSI 1253 Value or DoD-specific Values:
+ ## - Privilege/Role escalation (Success/Failure)
+ ## AU-2(a) / FAU_GEN.1.1.c
+ ## Audit All Audit and Log Data Accesses (Success/Failure)
+ ## CNSSI 1253 Value or DoD-specific Values:
+ ## - Audit and log data access (Success/Failure)
+ ## AU-2(a) / FAU_GEN.1.1.c
+ ## Audit Cryptographic Verification of Software (Success/Failure)
+ ## CNSSI 1253 Value or DoD-specific Values:
+ ## - Applications (e.g. Firefox, Internet Explorer, MS Office Suite,
+ ## etc) initialization (Success/Failure)
+ ## AU-2(a) / FAU_GEN.1.1.c
+ ## Audit Kernel Module Loading and Unloading Events (Success/Failure)
+ ## AU-2(a) / FAU_GEN.1.1.c
+ - audit_basic_configuration
+ - audit_immutable_login_uids
+ - audit_create_failed
+ - audit_create_failed_aarch64
+ - audit_create_failed_ppc64le
+ - audit_create_success
+ - audit_create_success_aarch64
+ - audit_create_success_ppc64le
+ - audit_modify_failed
+ - audit_modify_failed_aarch64
+ - audit_modify_failed_ppc64le
+ - audit_modify_success
+ - audit_modify_success_aarch64
+ - audit_modify_success_ppc64le
+ - audit_access_failed
+ - audit_access_failed_aarch64
+ - audit_access_failed_ppc64le
+ - audit_access_success
+ - audit_access_success.severity=info
+ - audit_access_success.role=unscored
+ - audit_access_success_aarch64
+ - audit_access_success_aarch64.severity=info
+ - audit_access_success_aarch64.role=unscored
+ - audit_access_success_ppc64le
+ - audit_access_success_ppc64le.severity=info
+ - audit_access_success_ppc64le.role=unscored
+ - audit_delete_failed
+ - audit_delete_failed_aarch64
+ - audit_delete_failed_ppc64le
+ - audit_delete_success
+ - audit_delete_success_aarch64
+ - audit_delete_success_ppc64le
+ - audit_perm_change_failed
+ - audit_perm_change_failed_aarch64
+ - audit_perm_change_failed_ppc64le
+ - audit_perm_change_success
+ - audit_perm_change_success_aarch64
+ - audit_perm_change_success_ppc64le
+ - audit_owner_change_failed
+ - audit_owner_change_failed_aarch64
+ - audit_owner_change_failed_ppc64le
+ - audit_owner_change_success
+ - audit_owner_change_success_aarch64
+ - audit_owner_change_success_ppc64le
+ - audit_ospp_general
+ - audit_ospp_general_aarch64
+ - audit_ospp_general_ppc64le
+ - audit_module_load
+ - audit_module_load_ppc64le
+
+ ## Enable Automatic Software Updates
+ ## SI-2 / FMT_MOF_EXT.1 (FMT_SMF_EXT.1)
+ # Configure dnf-automatic to Install Available Updates Automatically
+ - dnf-automatic_apply_updates
+
+ # Enable dnf-automatic Timer
+ - timer_dnf-automatic_enabled
+
+ # set ssh client rekey limit
+ - ssh_client_rekey_limit
+ - var_ssh_client_rekey_limit_size=1G
+ - var_ssh_client_rekey_limit_time=1hour
+
+ # zIPl specific rules
+ - zipl_bls_entries_only
+ - zipl_bootmap_is_up_to_date
+ - zipl_audit_argument
+ - zipl_audit_backlog_limit_argument
+ - zipl_init_on_alloc_argument
+ - zipl_page_alloc_shuffle_argument
+ - zipl_systemd_debug-shell_argument_absent
diff --git a/products/almalinux9/profiles/pci-dss.profile b/products/almalinux9/profiles/pci-dss.profile
new file mode 100644
index 000000000..707424189
--- /dev/null
+++ b/products/almalinux9/profiles/pci-dss.profile
@@ -0,0 +1,149 @@
+documentation_complete: true
+
+metadata:
+ SMEs:
+ - yuumasato
+
+reference: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf
+
+title: 'PCI-DSS v3.2.1 Control Baseline for Red Hat Enterprise Linux 9'
+
+description: |-
+ Ensures PCI-DSS v3.2.1 security configuration settings are applied.
+
+selections:
+ - var_password_pam_unix_remember=4
+ - var_account_disable_post_pw_expiration=90
+ - var_accounts_passwords_pam_faillock_deny=6
+ - var_accounts_passwords_pam_faillock_unlock_time=1800
+ - var_password_pam_minlen=7
+ - var_password_pam_minclass=2
+ - var_accounts_maximum_age_login_defs=90
+ - var_auditd_num_logs=5
+ - service_auditd_enabled
+ - grub2_audit_argument
+ - auditd_data_retention_num_logs
+ - auditd_data_retention_max_log_file
+ - auditd_data_retention_max_log_file_action
+ - auditd_data_retention_space_left_action
+ - auditd_data_retention_admin_space_left_action
+ - auditd_data_retention_action_mail_acct
+ - package_audispd-plugins_installed
+ - auditd_audispd_syslog_plugin_activated
+ - audit_rules_time_adjtimex
+ - audit_rules_time_settimeofday
+ - audit_rules_time_stime
+ - audit_rules_time_clock_settime
+ - audit_rules_time_watch_localtime
+ - audit_rules_usergroup_modification_group
+ - audit_rules_usergroup_modification_gshadow
+ - audit_rules_usergroup_modification_opasswd
+ - audit_rules_usergroup_modification_passwd
+ - audit_rules_usergroup_modification_shadow
+ - audit_rules_networkconfig_modification
+ - file_permissions_var_log_audit
+ - file_ownership_var_log_audit
+ - audit_rules_mac_modification
+ - audit_rules_dac_modification_chmod
+ - audit_rules_dac_modification_chown
+ - audit_rules_dac_modification_fchmod
+ - audit_rules_dac_modification_fchmodat
+ - audit_rules_dac_modification_fchown
+ - audit_rules_dac_modification_fchownat
+ - audit_rules_dac_modification_fremovexattr
+ - audit_rules_dac_modification_fsetxattr
+ - audit_rules_dac_modification_lchown
+ - audit_rules_dac_modification_lremovexattr
+ - audit_rules_dac_modification_lsetxattr
+ - audit_rules_dac_modification_removexattr
+ - audit_rules_dac_modification_setxattr
+ - audit_rules_login_events
+ - audit_rules_session_events
+ - audit_rules_unsuccessful_file_modification_creat
+ - audit_rules_unsuccessful_file_modification_ftruncate
+ - audit_rules_unsuccessful_file_modification_open
+ - audit_rules_unsuccessful_file_modification_open_by_handle_at
+ - audit_rules_unsuccessful_file_modification_openat
+ - audit_rules_unsuccessful_file_modification_truncate
+ - audit_rules_privileged_commands
+ - audit_rules_media_export
+ - audit_rules_file_deletion_events_rename
+ - audit_rules_file_deletion_events_renameat
+ - audit_rules_file_deletion_events_rmdir
+ - audit_rules_file_deletion_events_unlink
+ - audit_rules_file_deletion_events_unlinkat
+ - audit_rules_sysadmin_actions
+ - audit_rules_kernel_module_loading_delete
+ - audit_rules_kernel_module_loading_finit
+ - audit_rules_kernel_module_loading_init
+ - audit_rules_immutable
+ - var_multiple_time_servers=rhel
+ - service_chronyd_enabled
+ - chronyd_specify_remote_server
+ # - chronyd_specify_multiple_servers
+ - rpm_verify_permissions
+ - rpm_verify_hashes
+ - install_hids
+ - rsyslog_files_permissions
+ - rsyslog_files_ownership
+ - rsyslog_files_groupownership
+ - ensure_logrotate_activated
+ - package_aide_installed
+ - aide_build_database
+ - aide_periodic_cron_checking
+ - account_unique_name
+ - gid_passwd_group_same
+ - accounts_password_all_shadowed
+ - no_empty_passwords
+ - display_login_attempts
+ - account_disable_post_pw_expiration
+ - var_authselect_profile=sssd
+ - enable_authselect
+ - accounts_passwords_pam_faillock_deny
+ - accounts_passwords_pam_faillock_unlock_time
+ - dconf_db_up_to_date
+ - dconf_gnome_screensaver_idle_delay
+ - dconf_gnome_session_idle_user_locks
+ - dconf_gnome_screensaver_idle_activation_enabled
+ - dconf_gnome_screensaver_lock_enabled
+ - dconf_gnome_screensaver_mode_blank
+ - sshd_use_directory_configuration
+ - accounts_password_pam_minlen
+ - accounts_password_pam_dcredit
+ - accounts_password_pam_ucredit
+ - accounts_password_pam_lcredit
+ - accounts_password_pam_unix_remember
+ - accounts_maximum_age_login_defs
+ - ensure_almalinux_gpgkey_installed
+ - ensure_gpgcheck_globally_activated
+ - ensure_gpgcheck_never_disabled
+ - security_patches_up_to_date
+ - package_opensc_installed
+ - var_smartcard_drivers=cac
+ - configure_opensc_card_drivers
+ - force_opensc_card_drivers
+ - package_pcsc-lite_installed
+ - service_pcscd_enabled
+ - sssd_enable_smartcards
+ - set_password_hashing_algorithm_systemauth
+ - set_password_hashing_algorithm_passwordauth
+ - set_password_hashing_algorithm_logindefs
+ - set_password_hashing_algorithm_libuserconf
+ - file_owner_etc_shadow
+ - file_groupowner_etc_shadow
+ - file_permissions_etc_shadow
+ - file_owner_etc_group
+ - file_groupowner_etc_group
+ - file_permissions_etc_group
+ - file_owner_etc_passwd
+ - file_groupowner_etc_passwd
+ - file_permissions_etc_passwd
+ - file_owner_grub2_cfg
+ - file_groupowner_grub2_cfg
+ - package_libreswan_installed
+ - configure_crypto_policy
+ - configure_bind_crypto_policy
+ - configure_openssl_crypto_policy
+ - configure_libreswan_crypto_policy
+ - configure_ssh_crypto_policy
+ - configure_kerberos_crypto_policy
diff --git a/products/almalinux9/profiles/stig.profile b/products/almalinux9/profiles/stig.profile
new file mode 100644
index 000000000..a24132bae
--- /dev/null
+++ b/products/almalinux9/profiles/stig.profile
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+metadata:
+ version: TBD
+ SMEs:
+ - mab879
+ - ggbecker
+
+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
+
+title: '[DRAFT] DISA STIG for Red Hat Enterprise Linux 9'
+
+description: |-
+ This is a draft profile based on its RHEL8 version for experimental purposes.
+ It is not based on the DISA STIG for RHEL9, because this one was not available at time of
+ the release.
+
+selections:
+ - srg_gpos:all
diff --git a/products/almalinux9/profiles/stig_gui.profile b/products/almalinux9/profiles/stig_gui.profile
new file mode 100644
index 000000000..ed7b1c7ff
--- /dev/null
+++ b/products/almalinux9/profiles/stig_gui.profile
@@ -0,0 +1,38 @@
+documentation_complete: true
+
+metadata:
+ version: TBD
+ SMEs:
+ - mab879
+ - ggbecker
+
+reference: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux
+
+title: '[DRAFT] DISA STIG with GUI for Red Hat Enterprise Linux 9'
+
+description: |-
+ This is a draft profile based on its RHEL8 version for experimental purposes.
+ It is not based on the DISA STIG for RHEL9, because this one was not available at time of
+ the release.
+
+ Warning: The installation and use of a Graphical User Interface (GUI)
+ increases your attack vector and decreases your overall security posture. If
+ your Information Systems Security Officer (ISSO) lacks a documented operational
+ requirement for a graphical user interface, please consider using the
+ standard DISA STIG for Red Hat Enterprise Linux 9 profile.
+
+extends: stig
+
+selections:
+ # RHEL-08-040320
+ - '!xwindows_remove_packages'
+
+ # RHEL-08-040321
+ - '!xwindows_runlevel_target'
+
+ # SRG-OS-000480-GPOS-00227
+ - '!package_gdm_removed'
+ - '!package_xorg-x11-server-common_removed'
+
+ # SRG-OS-000095-GPOS-00049
+ - '!package_nfs-utils_removed'
diff --git a/products/almalinux9/transforms/constants.xslt b/products/almalinux9/transforms/constants.xslt
new file mode 100644
index 000000000..9e1090184
--- /dev/null
+++ b/products/almalinux9/transforms/constants.xslt
@@ -0,0 +1,13 @@
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+<xsl:include href="../../../shared/transforms/shared_constants.xslt"/>
+
+<xsl:variable name="product_long_name">AlmaLinux 9</xsl:variable>
+<xsl:variable name="product_short_name">AL9</xsl:variable>
+<xsl:variable name="product_stig_id_name">AL_9_STIG</xsl:variable>
+<xsl:variable name="prod_type">almalinux9</xsl:variable>
+
+<xsl:variable name="cisuri">https://www.cisecurity.org/benchmark/almalinuxos_linux/</xsl:variable>
+<xsl:variable name="disa-srguri" select="$disa-ossrguri"/>
+
+</xsl:stylesheet>
diff --git a/products/almalinux9/transforms/table-style.xslt b/products/almalinux9/transforms/table-style.xslt
new file mode 100644
index 000000000..8b6caeab8
--- /dev/null
+++ b/products/almalinux9/transforms/table-style.xslt
@@ -0,0 +1,5 @@
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+<xsl:import href="../../../shared/transforms/shared_table-style.xslt"/>
+
+</xsl:stylesheet>
diff --git a/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt b/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt
new file mode 100644
index 000000000..4789419b8
--- /dev/null
+++ b/products/almalinux9/transforms/xccdf-apply-overlay-stig.xslt
@@ -0,0 +1,8 @@
+<?xml version="1.0"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns="http://checklists.nist.gov/xccdf/1.1" xmlns:xccdf="http://checklists.nist.gov/xccdf/1.1" xmlns:xhtml="http://www.w3.org/1999/xhtml" exclude-result-prefixes="xccdf">
+
+<xsl:include href="../../../shared/transforms/shared_xccdf-apply-overlay-stig.xslt"/>
+<xsl:include href="constants.xslt"/>
+<xsl:variable name="overlays" select="document($overlay)/xccdf:overlays" />
+
+</xsl:stylesheet>
diff --git a/products/almalinux9/transforms/xccdf2table-cce.xslt b/products/almalinux9/transforms/xccdf2table-cce.xslt
new file mode 100644
index 000000000..f156a6695
--- /dev/null
+++ b/products/almalinux9/transforms/xccdf2table-cce.xslt
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:cce="http://cce.mitre.org" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:xhtml="http://www.w3.org/1999/xhtml">
+
+<xsl:import href="../../../shared/transforms/shared_xccdf2table-cce.xslt"/>
+
+<xsl:include href="constants.xslt"/>
+<xsl:include href="table-style.xslt"/>
+
+</xsl:stylesheet>
diff --git a/products/almalinux9/transforms/xccdf2table-profileccirefs.xslt b/products/almalinux9/transforms/xccdf2table-profileccirefs.xslt
new file mode 100644
index 000000000..30419e92b
--- /dev/null
+++ b/products/almalinux9/transforms/xccdf2table-profileccirefs.xslt
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cdf="http://checklists.nist.gov/xccdf/1.1" xmlns:cci="https://public.cyber.mil/stigs/cci" xmlns:xhtml="http://www.w3.org/1999/xhtml" xmlns:ovalns="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+
+<xsl:import href="../../../shared/transforms/shared_xccdf2table-profileccirefs.xslt"/>
+
+<xsl:include href="constants.xslt"/>
+<xsl:include href="table-style.xslt"/>
+
+</xsl:stylesheet>
diff --git a/shared/checks/oval/install_mcafee_hbss.xml b/shared/checks/oval/install_mcafee_hbss.xml
index ae2203571..ebc165296 100644
--- a/shared/checks/oval/install_mcafee_hbss.xml
+++ b/shared/checks/oval/install_mcafee_hbss.xml
@@ -10,6 +10,7 @@
<platform>multi_platform_ol</platform>
<platform>multi_platform_rhcos</platform>
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_rhv</platform>
<platform>multi_platform_sle</platform>
<platform>multi_platform_ubuntu</platform>
diff --git a/shared/checks/oval/installed_OS_is_almalinux9.xml b/shared/checks/oval/installed_OS_is_almalinux9.xml
new file mode 100644
index 000000000..168031ef5
--- /dev/null
+++ b/shared/checks/oval/installed_OS_is_almalinux9.xml
@@ -0,0 +1,36 @@
+<def-group>
+ <definition class="inventory"
+ id="installed_OS_is_almalinux9" version="1">
+ <metadata>
+ <title>AlmaLinux 9</title>
+ <affected family="unix">
+ <platform>multi_platform_all</platform>
+ </affected>
+ <reference ref_id="cpe:/o:almalinux:almalinux:9"
+ source="CPE" />
+
+ <description>The operating system installed on the system is
+ AlmaLinux 9</description>
+ </metadata>
+ <criteria>
+ <extend_definition comment="Installed OS is part of the Unix family"
+ definition_ref="installed_OS_is_part_of_Unix_family" />
+ <criteria operator="OR">
+ <criterion comment="AlmaLinux 9 System is installed"
+ test_ref="test_almalinux9_system" />
+ </criteria>
+ </criteria>
+ </definition>
+
+ <linux:rpminfo_test check="all" check_existence="at_least_one_exists" comment="almalinux-release is version 9" id="test_almalinux9_system" version="1">
+ <linux:object object_ref="obj_almalinux9_system" />
+ <linux:state state_ref="state_almalinux9_system" />
+ </linux:rpminfo_test>
+ <linux:rpminfo_state id="state_almalinux9_system" version="1">
+ <linux:version operation="pattern match">^9.*$</linux:version>
+ </linux:rpminfo_state>
+ <linux:rpminfo_object id="obj_almalinux9_system" version="1">
+ <linux:name>almalinux-release</linux:name>
+ </linux:rpminfo_object>
+
+</def-group>
diff --git a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
index affb9770c..7273e6d7d 100644
--- a/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
+++ b/shared/checks/oval/sysctl_kernel_ipv6_disable.xml
@@ -12,6 +12,7 @@
<platform>multi_platform_ol</platform>
<platform>multi_platform_rhcos</platform>
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_rhv</platform>
<platform>multi_platform_sle</platform>
<platform>multi_platform_ubuntu</platform>
diff --git a/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml b/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml
index f1607eb65..8db20f544 100644
--- a/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml
+++ b/shared/references/disa-stig-ol7-v2r11-xccdf-manual.xml
@@ -929,7 +929,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
$ sudo grep -iw grub2_password /boot/grub2/user.cfg
GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
-If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-221702"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221702r744074_rule" weight="10.0" severity="high"><version>OL07-00-010491</version><title>Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 7</dc:subject><dc:identifier>4089</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-99143</ident><ident system="http://cyber.mil/legacy">SV-108247</ident><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-23406r744073_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-221702"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221702r744074_rule" weight="10.0" severity="high"><version>OL07-00-010491</version><title>Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for Oracle Linux 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 7</dc:subject><dc:identifier>4089</dc:identifier></reference><ident system="http://cyber.mil/legacy">V-99143</ident><ident system="http://cyber.mil/legacy">SV-108247</ident><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-23406r744073_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
Generate an encrypted grub2 password for the grub superusers account with the following command:
@@ -941,7 +941,7 @@ For systems that are running a version of Oracle Linux prior to 7.2, this is Not
Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-221703"><title>SRG-OS-000104-GPOS-00051</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221703r818811_rule" weight="10.0" severity="medium"><version>OL07-00-010500</version><title>The Oracle Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.</title><description>&lt;VulnDiscussion&gt;To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
@@ -1836,7 +1836,7 @@ On BIOS-based machines, use the following command:
On UEFI-based machines, use the following command:
-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
+# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
@@ -1867,7 +1867,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command:
-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
# grep fips /boot/grub2/grub.cfg
/vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet
@@ -1939,14 +1939,14 @@ An example rule that includes the "sha512" rule follows:
If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.</check-content></check></Rule></Group><Group id="V-221762"><title>SRG-OS-000364-GPOS-00151</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-221762r860864_rule" weight="10.0" severity="medium"><version>OL07-00-021700</version><title>The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved.</title><description>&lt;VulnDiscussion&gt;Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 7</dc:subject><dc:identifier>4089</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-108367</ident><ident system="http://cyber.mil/legacy">V-99263</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><fixtext fixref="F-23466r419359_fix">Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.</fixtext><fix id="F-23466r419359_fix" /><check system="C-23477r858455_chk"><check-content-ref href="Oracle_Linux_7_STIG.xml" name="M" /><check-content>Verify the system is not configured to use a boot loader on removable media.
-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
Check for the existence of alternate boot loader configuration files with the following command:
# find / -name grub.cfg
/boot/grub2/grub.cfg
-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/redhat", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader.
+If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/almalinux", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader.
Check that the grub configuration file has the set root command in each menu entry with the following commands:
@@ -4479,12 +4479,12 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
Generate a new grub.cfg file with the following command:
-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-47788r833026_fix" /><check system="C-47831r792808_chk"><check-content-ref href="Oracle_Linux_7_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-47788r833026_fix" /><check system="C-47831r792808_chk"><check-content-ref href="Oracle_Linux_7_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
For systems that are running a version of Oracle Linux prior to 7.2, this is Not Applicable.
Verify that a unique name is set as the "superusers" account:
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
set superusers="[someuniquestringhere]"
export superusers
diff --git a/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml b/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml
index 8181b3b09..364c07f42 100644
--- a/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml
+++ b/shared/references/disa-stig-ol8-v1r6-xccdf-manual.xml
@@ -439,7 +439,7 @@ SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-51923r818600_fix" /><check system=
If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding.
-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-248537"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-248537r779177_rule" weight="10.0" severity="high"><version>OL08-00-010140</version><title>OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 8</dc:subject><dc:identifier>5416</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-51925r779176_fix">Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/redhat/user.cfg" file.
+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-248537"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-248537r779177_rule" weight="10.0" severity="high"><version>OL08-00-010140</version><title>OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for OL 8 and is designed to require a password to boot into single-user mode or modify the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Oracle Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Oracle Linux 8</dc:subject><dc:identifier>5416</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-51925r779176_fix">Configure the system to require an encrypted grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the "/boot/efi/EFI/almalinux/user.cfg" file.
Generate an encrypted grub2 password for the grub superusers account with the following command:
@@ -449,7 +449,7 @@ Confirm password:</fixtext><fix id="F-51925r779176_fix" /><check system="C-51971
Determine if an encrypted password is set for the grub superusers account. On systems that use UEFI, use the following command:
-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
@@ -464,11 +464,11 @@ password_pbkdf2 [someuniqueUserNamehere] ${GRUB2_PASSWORD}
Generate a new grub.cfg file with the following command:
-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-51926r779179_fix" /><check system="C-51972r818602_chk"><check-content-ref href="Oracle_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-51926r779179_fix" /><check system="C-51972r818602_chk"><check-content-ref href="Oracle_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
Verify that a unique name is set as the "superusers" account:
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
set superusers="[someuniqueUserNamehere]"
export superusers
diff --git a/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml b/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml
index 061ac2bac..aac521349 100644
--- a/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml
+++ b/shared/references/disa-stig-rhel7-v3r12-xccdf-manual.xml
@@ -906,7 +906,7 @@ Check to see if an encrypted grub superusers password is set. On systems that us
$ sudo grep -iw grub2_password /boot/grub2/user.cfg
GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
-If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-204440"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-204440r744098_rule" weight="10.0" severity="high"><version>RHEL-07-010491</version><title>Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-95719</ident><ident system="http://cyber.mil/legacy">V-81007</ident><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-4564r744097_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-204440"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-204440r744098_rule" weight="10.0" severity="high"><version>RHEL-07-010491</version><title>Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 7 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-95719</ident><ident system="http://cyber.mil/legacy">V-81007</ident><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-4564r744097_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
Generate an encrypted grub2 password for the grub superusers account with the following command:
@@ -918,7 +918,7 @@ For systems that are running a version of RHEL prior to 7.2, this is Not Applica
Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
If the grub superusers password does not begin with "grub.pbkdf2.sha512", this is a finding.</check-content></check></Rule></Group><Group id="V-204441"><title>SRG-OS-000104-GPOS-00051</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-204441r818813_rule" weight="10.0" severity="medium"><version>RHEL-07-010500</version><title>The Red Hat Enterprise Linux operating system must uniquely identify and must authenticate organizational users (or processes acting on behalf of organizational users) using multifactor authentication.</title><description>&lt;VulnDiscussion&gt;To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
@@ -1864,7 +1864,7 @@ On BIOS-based machines, use the following command:
On UEFI-based machines, use the following command:
-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
+# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
@@ -1895,7 +1895,7 @@ dracut-fips-033-360.el7_2.x86_64.rpm
If a "dracut-fips" package is installed, check to see if the kernel command line is configured to use FIPS mode with the following command:
-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
# grep fips /boot/grub2/grub.cfg
/vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0 rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us rd.lvm.lv=rhel/root rhgb fips=1 quiet
@@ -1968,14 +1968,14 @@ An example rule that includes the "sha512" rule follows:
If the "sha512" rule is not being used on all uncommented selection lines in the "/etc/aide.conf" file, or another file integrity tool is not using FIPS 140-2-approved cryptographic hashes for validating file contents and directories, this is a finding.</check-content></check></Rule></Group><Group id="V-204501"><title>SRG-OS-000364-GPOS-00151</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-204501r861008_rule" weight="10.0" severity="medium"><version>RHEL-07-021700</version><title>The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.</title><description>&lt;VulnDiscussion&gt;Malicious users with removable boot media can gain access to a system configured to use removable media as the boot loader. If removable media is designed to be used as the boot loader, the requirement must be documented with the Information System Security Officer (ISSO).&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 7</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 7</dc:subject><dc:identifier>2899</dc:identifier></reference><ident system="http://cyber.mil/legacy">SV-86699</ident><ident system="http://cyber.mil/legacy">V-72075</ident><ident system="http://cyber.mil/cci">CCI-000318</ident><ident system="http://cyber.mil/cci">CCI-000368</ident><ident system="http://cyber.mil/cci">CCI-001812</ident><ident system="http://cyber.mil/cci">CCI-001813</ident><ident system="http://cyber.mil/cci">CCI-001814</ident><fixtext fixref="F-4625r88696_fix">Remove alternate methods of booting the system from removable media or document the configuration to boot from removable media with the ISSO.</fixtext><fix id="F-4625r88696_fix" /><check system="C-4625r858481_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>Verify the system is not configured to use a boot loader on removable media.
-Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
+Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file on traditional BIOS-based machines and from the "/boot/efi/EFI/almalinux/grub.cfg" file on UEFI machines.
Check for the existence of alternate boot loader configuration files with the following command:
# find / -name grub.cfg
/boot/grub2/grub.cfg
-If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/redhat", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader.
+If a "grub.cfg" is found in any subdirectories other than "/boot/grub2" and "/boot/efi/EFI/almalinux", ask the System Administrator if there is documentation signed by the ISSO to approve the use of removable media as a boot loader.
Check that the grub configuration file has the set root command in each menu entry with the following commands:
@@ -4475,13 +4475,13 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
Generate a new grub.cfg file with the following command:
-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-47790r833186_fix" /><check system="C-47833r792839_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-47790r833186_fix" /><check system="C-47833r792839_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_7_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
For systems that are running a version of RHEL prior to 7.2, this is Not Applicable.
Verify that a unique name is set as the "superusers" account:
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
set superusers="[someuniquestringhere]"
export superusers
diff --git a/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml b/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml
index 6c1f3f917..726bbd515 100644
--- a/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml
+++ b/shared/references/disa-stig-rhel7-v3r12-xccdf-scap.xml
@@ -3228,7 +3228,7 @@ Confirm password:</xccdf:fixtext>
<xccdf:ident system="http://cyber.mil/legacy">SV-95719</xccdf:ident>
<xccdf:ident system="http://cyber.mil/legacy">V-81007</xccdf:ident>
<xccdf:ident system="http://cyber.mil/cci">CCI-000213</xccdf:ident>
- <xccdf:fixtext fixref="F-4564r744097_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+ <xccdf:fixtext fixref="F-4564r744097_fix">Configure the system to encrypt the boot password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
Generate an encrypted grub2 password for the grub superusers account with the following command:
@@ -4005,7 +4005,7 @@ On BIOS-based machines, use the following command:
On UEFI-based machines, use the following command:
-# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
+# grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg
If /boot or /boot/efi reside on separate partitions, the kernel parameter boot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command line. You can identify a partition by running the df /boot or df /boot/efi command:
@@ -7538,6 +7538,7 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/
<affected family="unix">
<platform>multi_platform_fedora</platform>
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_rhel-osp</platform>
</affected>
<description>The prelinking feature can interfere with the operation of
@@ -7569,6 +7570,7 @@ Remove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/
<title>Package openssh-server Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_fedora</platform>
<platform>multi_platform_sle</platform>
</affected>
@@ -8340,6 +8342,7 @@ Password complexity is one factor of several that determines how long it takes t
<title>Limit Password Reuse</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_fedora</platform>
</affected>
<description>The passwords to remember should be set correctly.</description>
@@ -8356,6 +8359,7 @@ Password complexity is one factor of several that determines how long it takes t
<title>RHEL-07-040160 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements.</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free up resources committed by the managed network element.
@@ -8413,6 +8417,7 @@ Terminating network connections associated with communications sessions includes
<title>RHEL-07-030410 - The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod and fchmodat syscalls.</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.
@@ -8469,6 +8474,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>RHEL-07-030370 - The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat and lchown syscalls.</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27364-9" />
<reference ref_id="audit_rules_dac_modification_chown" source="ssg" />
@@ -8515,6 +8521,7 @@ When a user logs on, the auid is set to the uid of the account that is being aut
<title>RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr and lremovexattr syscalls.</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27213-8" />
<reference ref_id="audit_rules_dac_modification_setxattr" source="ssg" />
@@ -9612,6 +9619,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Disable Host-Based Authentication</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>SSH host-based authentication should be disabled.</description>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27413-4" />
@@ -9627,6 +9635,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Package prelink Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>The RPM package prelink should be removed.</description>
<reference ref_id="package_prelink_removed" source="ssg" />
@@ -9770,6 +9779,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Mount Remote Filesystems with nosuid</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-80240-5" />
<reference ref_id="mount_option_nosuid_remote_filesystems" source="ssg" />
@@ -9800,6 +9810,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Package net-snmp Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>The RPM package net-snmp should be removed.</description>
<reference ref_id="package_net-snmp_removed" source="ssg" />
@@ -9827,6 +9838,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Package telnet-server Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>The RPM package telnet-server should be removed.</description>
<reference ref_id="package_telnet-server_removed" source="ssg" />
@@ -9855,6 +9867,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Package vsftpd Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>The RPM package vsftpd should be removed.</description>
<reference ref_id="package_vsftpd_removed" source="ssg" />
@@ -9868,6 +9881,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Package xorg-x11-server-common Removed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_fedora</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27218-7" />
@@ -9897,6 +9911,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Ensure /home Located On Separate Partition</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>If user home directories will be stored locally, create a
separate partition for /home. If /home will be mounted from another
@@ -9915,6 +9930,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Ensure /var Located On Separate Partition</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-26404-4" />
<reference ref_id="partition_for_var" source="ssg" />
@@ -9933,6 +9949,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Ensure /var/log/audit Located On Separate Partition</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-26971-2" />
<reference ref_id="partition_for_var_log_audit" source="ssg" />
@@ -9952,6 +9969,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<affected family="unix">
<platform>multi_platform_fedora</platform>
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>Verify the RPM digests of system binaries using the RPM database.</description>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27157-7" />
@@ -10026,6 +10044,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Ensure Only Protocol 2 Connections Allowed</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_debian</platform>
<platform>multi_platform_ubuntu</platform>
</affected>
@@ -10062,6 +10081,7 @@ The system call rules are loaded into a matching engine that intercepts each sys
<title>Disable .rhosts Files</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27377-1" />
<reference ref_id="sshd_disable_rhosts" source="ssg" />
@@ -10127,6 +10147,7 @@ This should be disabled.</description>
<title>Do Not Allow Users to Set Environment Options</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
</affected>
<description>PermitUserEnvironment should be disabled</description>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-27363-1" />
@@ -10476,6 +10497,7 @@ By specifying a cipher list with the order of ciphers being in a "strongest to w
<title>Package openssh-server is version 7.4 or higher</title>
<affected family="unix">
<platform>multi_platform_rhel</platform>
+<platform>multi_platform_almalinux</platform>
<platform>multi_platform_fedora</platform>
<platform>multi_platform_sle</platform>
</affected>
@@ -10712,12 +10734,12 @@ The ability to enable/disable a session lock is given to the user by default. Di
<description>The UEFI grub2 boot loader should have password protection enabled.</description>
<reference ref_url="http://cce.mitre.org" source="CCE" ref_id="CCE-80354-4" />
</metadata>
- <criteria operator="OR" comment="If we are NOT running RHEL 7.0 or 7.1 and /boot/efi/EFI/redhat/grub.cfg exists, THEN check for password and superuser settings in grub.cfg">
+ <criteria operator="OR" comment="If we are NOT running RHEL 7.0 or 7.1 and /boot/efi/EFI/almalinux/grub.cfg exists, THEN check for password and superuser settings in grub.cfg">
<criterion comment="Running RHEL 7.0 or 7.1?" test_ref="oval:mil.disa.stig.rhel7:tst:8658500" />
- <criterion comment="Pass if /boot/efi/EFI/redhat/grub.cfg does not exist" test_ref="oval:mil.disa.stig.rhel7:tst:913" />
+ <criterion comment="Pass if /boot/efi/EFI/almalinux/grub.cfg does not exist" test_ref="oval:mil.disa.stig.rhel7:tst:913" />
<criteria operator="AND">
- <criterion comment="make sure a password is defined in /boot/efi/EFI/redhat/user.cfg" test_ref="oval:mil.disa.stig.rhel7:tst:9571900" />
- <criterion comment="make sure a superuser is defined in /boot/efi/EFI/redhat/grub.cfg" test_ref="oval:mil.disa.stig.rhel7:tst:9571901" />
+ <criterion comment="make sure a password is defined in /boot/efi/EFI/almalinux/user.cfg" test_ref="oval:mil.disa.stig.rhel7:tst:9571900" />
+ <criterion comment="make sure a superuser is defined in /boot/efi/EFI/almalinux/grub.cfg" test_ref="oval:mil.disa.stig.rhel7:tst:9571901" />
</criteria>
</criteria>
</definition>
@@ -11662,7 +11684,7 @@ This requirement addresses concurrent sessions for information system accounts a
<file_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" check="all" check_existence="none_exist" comment="/boot/grub2/grub.cfg does not exist" id="oval:mil.disa.stig.rhel7:tst:909" version="1">
<object object_ref="oval:mil.disa.stig.rhel7:obj:2710" />
</file_test>
- <file_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" check="all" check_existence="none_exist" comment="/boot/efi/EFI/redhat/grub.cfg does not exist" id="oval:mil.disa.stig.rhel7:tst:913" version="1">
+ <file_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" check="all" check_existence="none_exist" comment="/boot/efi/EFI/almalinux/grub.cfg does not exist" id="oval:mil.disa.stig.rhel7:tst:913" version="1">
<object object_ref="oval:mil.disa.stig.rhel7:obj:2713" />
</file_test>
<textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="GUI banner is enabled" id="oval:mil.disa.stig.rhel7:tst:925" version="1">
@@ -12191,10 +12213,10 @@ This requirement addresses concurrent sessions for information system accounts a
<textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="superuser is defined in /boot/grub2/grub.cfg files." id="oval:mil.disa.stig.rhel7:tst:9571701" version="2">
<object object_ref="oval:mil.disa.stig.rhel7:obj:9571701" />
</textfilecontent54_test>
- <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="make sure a password is defined in /boot/efi/EFI/redhat/user.cfg" id="oval:mil.disa.stig.rhel7:tst:9571900" version="1">
+ <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="make sure a password is defined in /boot/efi/EFI/almalinux/user.cfg" id="oval:mil.disa.stig.rhel7:tst:9571900" version="1">
<object object_ref="oval:mil.disa.stig.rhel7:obj:9571900" />
</textfilecontent54_test>
- <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="superuser is defined in /boot/efi/EFI/redhat/grub.cfg." id="oval:mil.disa.stig.rhel7:tst:9571901" version="1">
+ <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="superuser is defined in /boot/efi/EFI/almalinux/grub.cfg." id="oval:mil.disa.stig.rhel7:tst:9571901" version="1">
<object object_ref="oval:mil.disa.stig.rhel7:obj:9571901" />
</textfilecontent54_test>
<textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="at_least_one_exists" comment="/etc/audisp/plugins.d/au-remote.conf active = yes" id="oval:mil.disa.stig.rhel7:tst:9572700" version="2">
@@ -13639,7 +13661,7 @@ This requirement addresses concurrent sessions for information system accounts a
<filepath>/boot/grub2/grub.cfg</filepath>
</file_object>
<file_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" id="oval:mil.disa.stig.rhel7:obj:2713" version="2">
- <filepath operation="equals">/boot/efi/EFI/redhat/grub.cfg</filepath>
+ <filepath operation="equals">/boot/efi/EFI/almalinux/grub.cfg</filepath>
</file_object>
<textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.rhel7:obj:2720" version="6">
<behaviors multiline="true" max_depth="1" recurse_direction="down" />
@@ -14441,12 +14463,12 @@ This requirement addresses concurrent sessions for information system accounts a
<instance datatype="int" operation="greater than or equal">1</instance>
</textfilecontent54_object>
<textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.rhel7:obj:9571900" version="2">
- <filepath operation="equals">/boot/efi/EFI/redhat/user.cfg</filepath>
+ <filepath operation="equals">/boot/efi/EFI/almalinux/user.cfg</filepath>
<pattern operation="pattern match">^[\s]*GRUB2_PASSWORD=grub\.pbkdf2\.sha512\.\S+$</pattern>
<instance datatype="int" operation="greater than or equal">1</instance>
</textfilecontent54_object>
<textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" id="oval:mil.disa.stig.rhel7:obj:9571901" version="2">
- <filepath operation="equals">/boot/efi/EFI/redhat/grub.cfg</filepath>
+ <filepath operation="equals">/boot/efi/EFI/almalinux/grub.cfg</filepath>
<pattern operation="pattern match">^[\s]*set[\s]+superusers=\"\S+\"$</pattern>
<instance datatype="int" operation="greater than or equal">1</instance>
</textfilecontent54_object>
@@ -15022,7 +15044,7 @@ This requirement addresses concurrent sessions for information system accounts a
<external_variable comment="Value of var_accounts_user_umask (the required umask) as string" datatype="string" id="oval:mil.disa.stig.rhel7:var:4211" version="1" />
<constant_variable datatype="string" id="oval:mil.disa.stig.rhel7:var:12600" comment="grub.cfg locations" version="2">
<value>/boot/grub2/grub.cfg</value>
- <value>/boot/efi/EFI/redhat/grub.cfg</value>
+ <value>/boot/efi/EFI/almalinux/grub.cfg</value>
</constant_variable>
<constant_variable datatype="string" comment="other sysctl configuration file locations" id="oval:mil.disa.stig.rhel7:var:14400" version="1">
<value>/etc/sysctl.d</value>
diff --git a/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml b/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml
index a6e6e2c0b..6352e2e24 100644
--- a/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml
+++ b/shared/references/disa-stig-rhel8-v1r10-xccdf-scap.xml
@@ -2549,7 +2549,7 @@ SHA_CRYPT_MIN_ROUNDS 5000</xccdf:fixtext>
<dc:identifier>2921</dc:identifier>
</xccdf:reference>
<xccdf:ident system="http://cyber.mil/cci">CCI-000213</xccdf:ident>
- <xccdf:fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+ <xccdf:fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
Generate an encrypted grub2 password for the grub superusers account with the following command:
@@ -10026,11 +10026,11 @@ Passwords need to be protected at all times, and encryption is the standard meth
</affected>
<description>If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.</description>
</metadata>
- <criteria operator="OR" comment="IF /boot/efi/EFI/redhat/grub.cfg exists, THEN verify a UEFI GRUB superuser password is configured.">
- <criterion comment="/boot/efi/EFI/redhat/grub.cfg exists." test_ref="oval:mil.disa.stig.rhel8:tst:10602" negate="true" />
+ <criteria operator="OR" comment="IF /boot/efi/EFI/almalinux/grub.cfg exists, THEN verify a UEFI GRUB superuser password is configured.">
+ <criterion comment="/boot/efi/EFI/almalinux/grub.cfg exists." test_ref="oval:mil.disa.stig.rhel8:tst:10602" negate="true" />
<criteria>
- <criterion comment="/boot/efi/EFI/redhat/grub.cfg:superusers exists and has a name." test_ref="oval:mil.disa.stig.rhel8:tst:10600" />
- <criterion comment="/boot/efi/EFI/redhat/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." test_ref="oval:mil.disa.stig.rhel8:tst:10601" />
+ <criterion comment="/boot/efi/EFI/almalinux/grub.cfg:superusers exists and has a name." test_ref="oval:mil.disa.stig.rhel8:tst:10600" />
+ <criterion comment="/boot/efi/EFI/almalinux/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." test_ref="oval:mil.disa.stig.rhel8:tst:10601" />
</criteria>
</criteria>
</definition>
@@ -10696,7 +10696,7 @@ Configuration settings are the set of parameters that can be changed in hardware
<description>The "nosuid" mount option causes the system not to execute "setuid" and "setgid" files with owner privileges. This option must be used for mounting any file system not containing approved "setuid" and "setguid" files. Executing files from untrusted file systems increases the opportunity for unprivileged users to attain unauthorized administrative access.</description>
</metadata>
<criteria operator="OR" comment="The system is UEFI or /boot is mounted and configured with the nosuid option">
- <criterion comment="/boot/efi/EFI/redhat/grub.cfg exists." test_ref="oval:mil.disa.stig.rhel8:tst:10602" />
+ <criterion comment="/boot/efi/EFI/almalinux/grub.cfg exists." test_ref="oval:mil.disa.stig.rhel8:tst:10602" />
<criteria>
<criterion test_ref="oval:mil.disa.stig.rhel8:tst:16200" comment="/boot is mounted an configured with the nosuid option." />
<criterion test_ref="oval:mil.disa.stig.rhel8:tst:16201" comment="If /boot is configured in /etc/fstab it is with the nosuid option." />
@@ -14092,15 +14092,15 @@ By limiting the number of attempts to meet the pwquality module complexity requi
<object object_ref="oval:mil.disa.stig.rhel8:obj:10501" />
<state state_ref="oval:mil.disa.stig.rhel8:ste:10500" />
</textfilecontent54_test>
- <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="/boot/efi/EFI/redhat/grub.cfg:superusers exists and has a name." id="oval:mil.disa.stig.rhel8:tst:10600" version="1">
+ <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="/boot/efi/EFI/almalinux/grub.cfg:superusers exists and has a name." id="oval:mil.disa.stig.rhel8:tst:10600" version="1">
<object object_ref="oval:mil.disa.stig.rhel8:obj:10600" />
<state state_ref="oval:mil.disa.stig.rhel8:ste:10600" />
</textfilecontent54_test>
- <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="/boot/efi/EFI/redhat/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." id="oval:mil.disa.stig.rhel8:tst:10601" version="1">
+ <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="/boot/efi/EFI/almalinux/user.cfg:GRUB2_PASSWORD exists and has a PBKDF2/SHA512 password assigned." id="oval:mil.disa.stig.rhel8:tst:10601" version="1">
<object object_ref="oval:mil.disa.stig.rhel8:obj:10601" />
<state state_ref="oval:mil.disa.stig.rhel8:ste:10601" />
</textfilecontent54_test>
- <file_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" check="all" check_existence="all_exist" comment="/boot/efi/EFI/redhat/grub.cfg exists." id="oval:mil.disa.stig.rhel8:tst:10602" version="1">
+ <file_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" check="all" check_existence="all_exist" comment="/boot/efi/EFI/almalinux/grub.cfg exists." id="oval:mil.disa.stig.rhel8:tst:10602" version="1">
<object object_ref="oval:mil.disa.stig.rhel8:obj:10602" />
</file_test>
<textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" check="all" check_existence="all_exist" comment="/boot/grub2/grub.cfg:superusers exists and has a name." id="oval:mil.disa.stig.rhel8:tst:10700" version="1">
@@ -15677,18 +15677,18 @@ By limiting the number of attempts to meet the pwquality module complexity requi
<pattern operation="pattern match">^\s*SHA_CRYPT_MAX_ROUNDS\s+(\d+)\b</pattern>
<instance datatype="int" operation="greater than or equal">1</instance>
</textfilecontent54_object>
- <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="/boot/efi/EFI/redhat/grub.cfg:superusers" id="oval:mil.disa.stig.rhel8:obj:10600" version="1">
- <filepath datatype="string">/boot/efi/EFI/redhat/grub.cfg</filepath>
+ <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="/boot/efi/EFI/almalinux/grub.cfg:superusers" id="oval:mil.disa.stig.rhel8:obj:10600" version="1">
+ <filepath datatype="string">/boot/efi/EFI/almalinux/grub.cfg</filepath>
<pattern operation="pattern match">^\s*set\s+superusers\s*=\s*"(\w+)"\s*$</pattern>
<instance datatype="int" operation="greater than or equal">1</instance>
</textfilecontent54_object>
- <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="/boot/efi/EFI/redhat/grubenv:kernelopts" id="oval:mil.disa.stig.rhel8:obj:10601" version="1">
- <filepath datatype="string">/boot/efi/EFI/redhat/user.cfg</filepath>
+ <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="/boot/efi/EFI/almalinux/grubenv:kernelopts" id="oval:mil.disa.stig.rhel8:obj:10601" version="1">
+ <filepath datatype="string">/boot/efi/EFI/almalinux/user.cfg</filepath>
<pattern operation="pattern match">^\s*GRUB2_PASSWORD=(\S+)\b</pattern>
<instance datatype="int" operation="greater than or equal">1</instance>
</textfilecontent54_object>
- <file_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" comment="/boot/efi/EFI/redhat/grub.cfg" id="oval:mil.disa.stig.rhel8:obj:10602" version="1">
- <filepath datatype="string">/boot/efi/EFI/redhat/grub.cfg</filepath>
+ <file_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" comment="/boot/efi/EFI/almalinux/grub.cfg" id="oval:mil.disa.stig.rhel8:obj:10602" version="1">
+ <filepath datatype="string">/boot/efi/EFI/almalinux/grub.cfg</filepath>
</file_object>
<textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="/boot/grub2/grub.cfg:superusers" id="oval:mil.disa.stig.rhel8:obj:10700" version="1">
<filepath datatype="string">/boot/grub2/grub.cfg</filepath>
diff --git a/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml b/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml
index 747e322d8..2fd54a056 100644
--- a/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml
+++ b/shared/references/disa-stig-rhel8-v1r11-xccdf-manual.xml
@@ -376,7 +376,7 @@ SHA_CRYPT_MIN_ROUNDS 5000</fixtext><fix id="F-32877r809272_fix" /><check system=
If only one of "SHA_CRYPT_MIN_ROUNDS" or "SHA_CRYPT_MAX_ROUNDS" is set, and this value is below "5000", this is a finding.
-If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-230234"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-230234r743922_rule" weight="10.0" severity="high"><version>RHEL-08-010140</version><title>RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 8</dc:subject><dc:identifier>2921</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/redhat/user.cfg file.
+If both "SHA_CRYPT_MIN_ROUNDS" and "SHA_CRYPT_MAX_ROUNDS" are set, and the highest value for either is below "5000", this is a finding.</check-content></check></Rule></Group><Group id="V-230234"><title>SRG-OS-000080-GPOS-00048</title><description>&lt;GroupDescription&gt;&lt;/GroupDescription&gt;</description><Rule id="SV-230234r743922_rule" weight="10.0" severity="high"><version>RHEL-08-010140</version><title>RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance.</title><description>&lt;VulnDiscussion&gt;If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;false&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description><reference><dc:title>DPMS Target Red Hat Enterprise Linux 8</dc:title><dc:publisher>DISA</dc:publisher><dc:type>DPMS Target</dc:type><dc:subject>Red Hat Enterprise Linux 8</dc:subject><dc:identifier>2921</dc:identifier></reference><ident system="http://cyber.mil/cci">CCI-000213</ident><fixtext fixref="F-32878r743921_fix">Configure the system to require a grub bootloader password for the grub superusers account with the grub2-setpassword command, which creates/overwrites the /boot/efi/EFI/almalinux/user.cfg file.
Generate an encrypted grub2 password for the grub superusers account with the following command:
@@ -386,7 +386,7 @@ Confirm password:</fixtext><fix id="F-32878r743921_fix" /><check system="C-32903
Check to see if an encrypted grub superusers password is set. On systems that use UEFI, use the following command:
-$ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+$ sudo grep -iw grub2_password /boot/efi/EFI/almalinux/user.cfg
GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
@@ -6475,11 +6475,11 @@ password_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}
Generate a new grub.cfg file with the following command:
-$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg</fixtext><fix id="F-47753r743811_fix" /><check system="C-47796r792981_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
+$ sudo grub2-mkconfig -o /boot/efi/EFI/almalinux/grub.cfg</fixtext><fix id="F-47753r743811_fix" /><check system="C-47796r792981_chk"><check-content-ref href="Red_Hat_Enterprise_Linux_8_STIG.xml" name="M" /><check-content>For systems that use BIOS, this is Not Applicable.
Verify that a unique name is set as the "superusers" account:
-$ sudo grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+$ sudo grep -iw "superusers" /boot/efi/EFI/almalinux/grub.cfg
set superusers="[someuniquestringhere]"
export superusers
diff --git a/shared/templates/accounts_password/ansible.template b/shared/templates/accounts_password/ansible.template
index b324dc01a..6bcaeee57 100644
--- a/shared/templates/accounts_password/ansible.template
+++ b/shared/templates/accounts_password/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/shared/templates/accounts_password/bash.template b/shared/templates/accounts_password/bash.template
index 46e98c147..d1e49f5a0 100644
--- a/shared/templates/accounts_password/bash.template
+++ b/shared/templates/accounts_password/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_dac_modification/ansible.template b/shared/templates/audit_rules_dac_modification/ansible.template
index dc30ff3d3..d75b9981e 100644
--- a/shared/templates/audit_rules_dac_modification/ansible.template
+++ b/shared/templates/audit_rules_dac_modification/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_dac_modification/bash.template b/shared/templates/audit_rules_dac_modification/bash.template
index 9b57c6656..b5b584f0a 100644
--- a/shared/templates/audit_rules_dac_modification/bash.template
+++ b/shared/templates/audit_rules_dac_modification/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/shared/templates/audit_rules_file_deletion_events/ansible.template b/shared/templates/audit_rules_file_deletion_events/ansible.template
index 34d9b1bb7..54081378f 100644
--- a/shared/templates/audit_rules_file_deletion_events/ansible.template
+++ b/shared/templates/audit_rules_file_deletion_events/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_file_deletion_events/bash.template b/shared/templates/audit_rules_file_deletion_events/bash.template
index e7158afa9..02766651b 100644
--- a/shared/templates/audit_rules_file_deletion_events/bash.template
+++ b/shared/templates/audit_rules_file_deletion_events/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/shared/templates/audit_rules_login_events/ansible.template b/shared/templates/audit_rules_login_events/ansible.template
index 2ccdb5483..14fc6eb85 100644
--- a/shared/templates/audit_rules_login_events/ansible.template
+++ b/shared/templates/audit_rules_login_events/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_login_events/bash.template b/shared/templates/audit_rules_login_events/bash.template
index c94b10739..a7a1623c3 100644
--- a/shared/templates/audit_rules_login_events/bash.template
+++ b/shared/templates/audit_rules_login_events/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
diff --git a/shared/templates/audit_rules_path_syscall/ansible.template b/shared/templates/audit_rules_path_syscall/ansible.template
index 68b43b439..9d9ce2fad 100644
--- a/shared/templates/audit_rules_path_syscall/ansible.template
+++ b/shared/templates/audit_rules_path_syscall/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_path_syscall/bash.template b/shared/templates/audit_rules_path_syscall/bash.template
index 332c87def..cdcf6352c 100644
--- a/shared/templates/audit_rules_path_syscall/bash.template
+++ b/shared/templates/audit_rules_path_syscall/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/shared/templates/audit_rules_privileged_commands/ansible.template b/shared/templates/audit_rules_privileged_commands/ansible.template
index 0edc5c732..c8d61bd1f 100644
--- a/shared/templates/audit_rules_privileged_commands/ansible.template
+++ b/shared/templates/audit_rules_privileged_commands/ansible.template
@@ -1,7 +1,7 @@
{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x=" -F perm=x" %}}
{{%- endif %}}
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_privileged_commands/bash.template b/shared/templates/audit_rules_privileged_commands/bash.template
index 63dfcb06c..110b94caf 100644
--- a/shared/templates/audit_rules_privileged_commands/bash.template
+++ b/shared/templates/audit_rules_privileged_commands/bash.template
@@ -1,7 +1,7 @@
{{%- if product in ["fedora", "ol7", "ol8", "ol9", "rhel7", "rhel8", "rhel9", "sle12", "sle15", "ubuntu2004", "ubuntu2204"] %}}
{{%- set perm_x=" -F perm=x" %}}
{{%- endif %}}
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
ACTION_ARCH_FILTERS="-a always,exit"
OTHER_FILTERS="-F path={{{ PATH }}}{{{ perm_x }}}"
diff --git a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
index b2eb8c411..ef45fb0c6 100644
--- a/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
+++ b/shared/templates/audit_rules_privileged_commands/tests/auditctl_missing_perm_x.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
source common.sh
diff --git a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
index 2cfd69a19..f3c352227 100644
--- a/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
+++ b/shared/templates/audit_rules_privileged_commands/tests/augenrules_missing_perm_x.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux,multi_platform_sle,multi_platform_ubuntu
source common.sh
diff --git a/shared/templates/audit_rules_syscall_events/ansible.template b/shared/templates/audit_rules_syscall_events/ansible.template
index 16dec9827..5e953196e 100644
--- a/shared/templates/audit_rules_syscall_events/ansible.template
+++ b/shared/templates/audit_rules_syscall_events/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_syscall_events/bash.template b/shared/templates/audit_rules_syscall_events/bash.template
index bd5bb94cb..d1f68626a 100644
--- a/shared/templates/audit_rules_syscall_events/bash.template
+++ b/shared/templates/audit_rules_syscall_events/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
index 18d7dbd53..0b390b835 100644
--- a/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
+++ b/shared/templates/audit_rules_unsuccessful_file_modification/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
index ff9a4f5e3..ae7f6000e 100644
--- a/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
+++ b/shared/templates/audit_rules_unsuccessful_file_modification/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# First perform the remediation of the syscall rule
# Retrieve hardware architecture of the underlying system
diff --git a/shared/templates/audit_rules_usergroup_modification/ansible.template b/shared/templates/audit_rules_usergroup_modification/ansible.template
index 43063a18f..f0440e169 100644
--- a/shared/templates/audit_rules_usergroup_modification/ansible.template
+++ b/shared/templates/audit_rules_usergroup_modification/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/shared/templates/audit_rules_usergroup_modification/bash.template b/shared/templates/audit_rules_usergroup_modification/bash.template
index 62faac341..3461e4e29 100644
--- a/shared/templates/audit_rules_usergroup_modification/bash.template
+++ b/shared/templates/audit_rules_usergroup_modification/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu
# Perform the remediation for both possible tools: 'auditctl' and 'augenrules'
diff --git a/shared/templates/grub2_bootloader_argument/ansible.template b/shared/templates/grub2_bootloader_argument/ansible.template
index bebe5ccbc..11d89c67b 100644
--- a/shared/templates/grub2_bootloader_argument/ansible.template
+++ b/shared/templates/grub2_bootloader_argument/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = medium
diff --git a/shared/templates/grub2_bootloader_argument/bash.template b/shared/templates/grub2_bootloader_argument/bash.template
index 965f4d38e..7289a1c0c 100644
--- a/shared/templates/grub2_bootloader_argument/bash.template
+++ b/shared/templates/grub2_bootloader_argument/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
{{#
See the OVAL template for more comments.
Product-specific categorization should be synced across all template content types
diff --git a/shared/templates/grub2_bootloader_argument/blueprint.template b/shared/templates/grub2_bootloader_argument/blueprint.template
index 7e9ea909e..152f27303 100644
--- a/shared/templates/grub2_bootloader_argument/blueprint.template
+++ b/shared/templates/grub2_bootloader_argument/blueprint.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
{{%- if ARG_VARIABLE %}}
{{%- set ARG_NAME_VALUE = ARG_NAME ~ "=(blueprint-populate " ~ ARG_VARIABLE ~ ")" -%}}
{{%- endif %}}
diff --git a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh
index 93907c794..289fcf4d9 100644
--- a/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/arg_not_there_etcdefaultgrub.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_almalinux
# packages = grub2,grubby
source common.sh
diff --git a/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh b/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh
index e84c6e619..3f0ec2ea8 100644
--- a/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/invalid_rescue.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# packages = grub2,grubby
{{%- if ARG_VARIABLE %}}
# variables = {{{ ARG_VARIABLE }}}=correct_value
diff --git a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
index c827721ef..597368b03 100644
--- a/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
+++ b/shared/templates/grub2_bootloader_argument/tests/wrong_value_entries.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 9,multi_platform_fedora
+# platform = Red Hat Enterprise Linux 9,AlmaLinux 9,multi_platform_fedora
# packages = grub2,grubby
source common.sh
diff --git a/shared/templates/grub2_bootloader_argument_absent/ansible.template b/shared/templates/grub2_bootloader_argument_absent/ansible.template
index 51fc98b7a..c6b147d87 100644
--- a/shared/templates/grub2_bootloader_argument_absent/ansible.template
+++ b/shared/templates/grub2_bootloader_argument_absent/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle
# reboot = true
# strategy = restrict
# complexity = medium
diff --git a/shared/templates/grub2_bootloader_argument_absent/bash.template b/shared/templates/grub2_bootloader_argument_absent/bash.template
index 8d7d6e9ea..18b900e51 100644
--- a/shared/templates/grub2_bootloader_argument_absent/bash.template
+++ b/shared/templates/grub2_bootloader_argument_absent/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
{{#
See the OVAL template for more comments.
Product-specific categorization should be synced across all template content types
diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
index 46ca33623..76c1ce48e 100644
--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_there_etcdefaultgrub.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = grub2-tools,grubby
# Adds argument from kernel command line in /etc/default/grub
diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
index e5ce738c3..c124317b3 100644
--- a/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/arg_value_there_etcdefaultgrub.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = grub2-tools,grubby
# Adds argument with a value from kernel command line in /etc/default/grub
diff --git a/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh b/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh
index 511a64335..5402480ab 100644
--- a/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh
+++ b/shared/templates/grub2_bootloader_argument_absent/tests/mising_arg_invalid_rescue.pass.sh
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = grub2,grubby
# Ensure the kernel command line for each installed kernel in the bootloader
diff --git a/shared/templates/kernel_module_disabled/ansible.template b/shared/templates/kernel_module_disabled/ansible.template
index ed7727e86..a8bdafa6b 100644
--- a/shared/templates/kernel_module_disabled/ansible.template
+++ b/shared/templates/kernel_module_disabled/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = true
# strategy = disable
# complexity = low
diff --git a/shared/templates/kernel_module_disabled/bash.template b/shared/templates/kernel_module_disabled/bash.template
index aa9030c27..d3af51ac4 100644
--- a/shared/templates/kernel_module_disabled/bash.template
+++ b/shared/templates/kernel_module_disabled/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = true
# strategy = disable
# complexity = low
diff --git a/shared/templates/kernel_module_disabled/kubernetes.template b/shared/templates/kernel_module_disabled/kubernetes.template
index bc678c80e..516c10ce4 100644
--- a/shared/templates/kernel_module_disabled/kubernetes.template
+++ b/shared/templates/kernel_module_disabled/kubernetes.template
@@ -1,5 +1,5 @@
---
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos
# reboot = true
# strategy = disable
# complexity = low
diff --git a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
index 175d5c8e6..4043fc0e2 100644
--- a/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
+++ b/shared/templates/kernel_module_disabled/tests/missing_blacklist.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_ol
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_ol
echo > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
echo "install {{{ KERNMODULE }}} /bin/true" > /etc/modprobe.d/{{{ KERNMODULE }}}.conf
diff --git a/shared/templates/mount/anaconda.template b/shared/templates/mount/anaconda.template
index fdcb4ee3e..0d1d8dc24 100644
--- a/shared/templates/mount/anaconda.template
+++ b/shared/templates/mount/anaconda.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/mount/blueprint.template b/shared/templates/mount/blueprint.template
index 56617467d..3cdacd4db 100644
--- a/shared/templates/mount/blueprint.template
+++ b/shared/templates/mount/blueprint.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora
[[customizations.filesystem]]
mountpoint = "{{{ MOUNTPOINT }}}"
diff --git a/shared/templates/mount_option/anaconda.template b/shared/templates/mount_option/anaconda.template
index 083b0ef00..14f7018a9 100644
--- a/shared/templates/mount_option/anaconda.template
+++ b/shared/templates/mount_option/anaconda.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/mount_option_removable_partitions/anaconda.template b/shared/templates/mount_option_removable_partitions/anaconda.template
index 8665fb913..07cd9e3ad 100644
--- a/shared/templates/mount_option_removable_partitions/anaconda.template
+++ b/shared/templates/mount_option_removable_partitions/anaconda.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/package_installed/anaconda.template b/shared/templates/package_installed/anaconda.template
index 0ac55f51f..dd0bcddea 100644
--- a/shared/templates/package_installed/anaconda.template
+++ b/shared/templates/package_installed/anaconda.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/package_installed/bash.template b/shared/templates/package_installed/bash.template
index 473feef5c..ef56a56a6 100644
--- a/shared/templates/package_installed/bash.template
+++ b/shared/templates/package_installed/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/package_removed/anaconda.template b/shared/templates/package_removed/anaconda.template
index 489f9bb0f..0120d927c 100644
--- a/shared/templates/package_removed/anaconda.template
+++ b/shared/templates/package_removed/anaconda.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = disable
# complexity = low
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
index 0fa452ba0..8e9abbe3a 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh
index 54804685b..1c4b4f3e1 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_correct_attr_include.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh
index 25430db03..a391a419a 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh
index b58e73893..7ad174810 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_lenient_attr_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh
index dc362ae00..36867bb2b 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/legacy_stricter_attr.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
index 4aef9fb84..0b7cbcd5f 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh
index 203f640f5..a127500e8 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_correct_attr_include.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh
index 87df70e28..6ebb9ae05 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_cloudinit.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh
index 0d6d82cae..2bf2df736 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh
index 8f52d8c83..7b98fb7eb 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_legacy_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh
index 93fa29a30..ff6ca3f66 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh
index 48113c1f2..e8207afb7 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_lenient_attr_rainer_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh
index c1c5758d8..3e7441a4a 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/mixed_stricter_attr.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
index 3d3bbbd8e..ae10153cd 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh
index 96e9ddaf3..8c8a59a3a 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_include.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh
index ec9296694..6bd64894b 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_correct_attr_multiline_include.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh
index b17eb6b74..1d9caba98 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh
index 40939f967..cd79713a4 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_attr_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh
index 6acb37ad7..d235e6249 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_lenient_multiline_attr_include.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh
index abdb09c48..9cc24d061 100755
--- a/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh
+++ b/shared/templates/rsyslog_logfiles_attributes_modify/tests/rainer_stricter_attr.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_sle
# Declare variables used for the tests and define the create_rsyslog_test_logs function
source $SHARED/rsyslog_log_utils.sh
diff --git a/shared/templates/sebool/ansible.template b/shared/templates/sebool/ansible.template
index d17eaee45..bf4667ece 100644
--- a/shared/templates/sebool/ansible.template
+++ b/shared/templates/sebool/ansible.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/sebool/bash.template b/shared/templates/sebool/bash.template
index 9af019254..dcab00908 100644
--- a/shared/templates/sebool/bash.template
+++ b/shared/templates/sebool/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,SUSE Linux Enterprise 15
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/service_disabled/bash.template b/shared/templates/service_disabled/bash.template
index 27666b03b..c5305b1a9 100644
--- a/shared/templates/service_disabled/bash.template
+++ b/shared/templates/service_disabled/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_sle,multi_platform_ubuntu,multi_platform_sle
# reboot = false
# strategy = disable
# complexity = low
diff --git a/shared/templates/service_disabled/kubernetes.template b/shared/templates/service_disabled/kubernetes.template
index 1ab456524..724e7b779 100644
--- a/shared/templates/service_disabled/kubernetes.template
+++ b/shared/templates/service_disabled/kubernetes.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos,multi_platform_ubuntu
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ocp,multi_platform_rhcos,multi_platform_ubuntu
# reboot = true
# strategy = disable
# complexity = low
diff --git a/shared/templates/service_enabled/bash.template b/shared/templates/service_enabled/bash.template
index 00fd1ee2f..2d99ec854 100644
--- a/shared/templates/service_enabled/bash.template
+++ b/shared/templates/service_enabled/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = false
# strategy = enable
# complexity = low
diff --git a/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh b/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh
index c739dc1b9..9c66fb782 100644
--- a/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh
+++ b/shared/templates/sshd_lineinfile/tests/correct_value_directory.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
source common.sh
diff --git a/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh b/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh
index 3d6dcd275..61bc7c77e 100644
--- a/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh
+++ b/shared/templates/sshd_lineinfile/tests/duplicated_param_directory.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
mkdir -p /etc/ssh/sshd_config.d
touch /etc/ssh/sshd_config.d/nothing
diff --git a/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh
index 1e32fc1db..87823dd84 100644
--- a/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh
+++ b/shared/templates/sshd_lineinfile/tests/param_conflict_directory.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_PARAM={{{ PARAMETER }}}
SSHD_VAL={{{ VALUE }}}
diff --git a/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh
index a8f4bc7a3..f8c01d772 100644
--- a/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh
+++ b/shared/templates/sshd_lineinfile/tests/param_conflict_file_with_directory.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_PARAM={{{ PARAMETER }}}
SSHD_VAL={{{ VALUE }}}
diff --git a/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh b/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh
index b11645c38..22b3f34fa 100644
--- a/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh
+++ b/shared/templates/sshd_lineinfile/tests/wrong_value_directory.fail.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 9,AlmaLinux 9
SSHD_PARAM={{{ PARAMETER }}}
SSHD_VAL="bad_val"
diff --git a/shared/templates/sysctl/bash.template b/shared/templates/sysctl/bash.template
index 49e4d949b..e1bb820c7 100644
--- a/shared/templates/sysctl/bash.template
+++ b/shared/templates/sysctl/bash.template
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv,multi_platform_ubuntu,multi_platform_sle
# reboot = true
# strategy = disable
# complexity = low
diff --git a/shared/templates/zipl_bls_entries_option/ansible.template b/shared/templates/zipl_bls_entries_option/ansible.template
index 336775e4f..854f90a24 100644
--- a/shared/templates/zipl_bls_entries_option/ansible.template
+++ b/shared/templates/zipl_bls_entries_option/ansible.template
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# reboot = true
# strategy = configure
# complexity = medium
diff --git a/shared/templates/zipl_bls_entries_option/bash.template b/shared/templates/zipl_bls_entries_option/bash.template
index 25cd7432c..1ba5c29b7 100644
--- a/shared/templates/zipl_bls_entries_option/bash.template
+++ b/shared/templates/zipl_bls_entries_option/bash.template
@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# Correct BLS option using grubby, which is a thin wrapper around BLS operations
grubby --update-kernel=ALL --args="{{{ ARG_NAME }}}={{{ ARG_VALUE }}}"
diff --git a/ssg/constants.py b/ssg/constants.py
index a2d759535..75ed106be 100644
--- a/ssg/constants.py
+++ b/ssg/constants.py
@@ -39,6 +39,7 @@ SSG_REF_URIS = {
product_directories = [
'alinux2',
'alinux3',
+ 'almalinux9',
'anolis8',
'anolis23',
'chromium',
@@ -194,6 +195,7 @@ PKG_MANAGER_TO_CONFIG_FILE = {
FULL_NAME_TO_PRODUCT_MAPPING = {
"Alibaba Cloud Linux 2": "alinux2",
"Alibaba Cloud Linux 3": "alinux3",
+ "AlmaLinux 9": "almalinux9",
"Anolis OS 8": "anolis8",
"Anolis OS 23": "anolis23",
"Chromium": "chromium",
@@ -270,12 +272,13 @@ REFERENCES = dict(
)
-MULTI_PLATFORM_LIST = ["rhel", "fedora", "rhv", "debian", "ubuntu",
+MULTI_PLATFORM_LIST = ["almalinux", "rhel", "fedora", "rhv", "debian", "ubuntu",
"opensuse", "sle", "ol", "ocp", "rhcos",
"example", "eks", "alinux", "uos", "anolis"]
MULTI_PLATFORM_MAPPING = {
"multi_platform_alinux": ["alinux2", "alinux3"],
+ "multi_platform_almalinux": ["almalinux9"],
"multi_platform_anolis": ["anolis8", "anolis23"],
"multi_platform_debian": ["debian10", "debian11"],
"multi_platform_example": ["example"],
@@ -440,6 +443,7 @@ XCCDF_PLATFORM_TO_PACKAGE = {
# _version_name_map = {
MAKEFILE_ID_TO_PRODUCT_MAP = {
'alinux': 'Alibaba Cloud Linux',
+ 'almalinux': 'AlmaLinux',
'anolis': 'Anolis OS',
'chromium': 'Google Chromium Browser',
'fedora': 'Fedora',
diff --git a/tests/unit/ssg-module/data/accounts_tmout.yml b/tests/unit/ssg-module/data/accounts_tmout.yml
index e8400ed73..fd670da9a 100644
--- a/tests/unit/ssg-module/data/accounts_tmout.yml
+++ b/tests/unit/ssg-module/data/accounts_tmout.yml
@@ -1,4 +1,4 @@
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: Set Interactive Session Timeout
description: 'Setting the <tt>TMOUT</tt> option in <tt>/etc/profile</tt> ensures that
diff --git a/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml b/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml
index 1feaeb55c..0dcddd023 100644
--- a/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml
+++ b/tests/unit/ssg-module/data/accounts_tmout_without_ocil.yml
@@ -1,4 +1,4 @@
-prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,almalinux9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204
title: Set Interactive Session Timeout
description: 'Setting the <tt>TMOUT</tt> option in <tt>/etc/profile</tt> ensures that
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
index ff0b30f03..0116294f1 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
+++ b/tests/unit/ssg-module/test_playbook_builder_data/fixes/selinux_state.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml
index f4f480be7..355ed7adf 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol8,rhcos4,rhel8,rhel9,rhv4
+prodtype: fedora,ol8,rhcos4,rhel8,rhel9,almalinux9,rhv4
title: 'Configure System Cryptography Policy'
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
index b607202c5..175381afb 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_and_current_same_time.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = crypto-policies-scripts
# IMPORTANT: This is a false negative scenario.
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
index e5b598342..5608d4124 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/config_newer_than_current.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# packages = crypto-policies-scripts
update-crypto-policies --set "DEFAULT"
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
index 7be3c82f3..96c42acfe 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_nss_config.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
index 261dc3f96..2cde26d7d 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
index 356aa3ffe..caba47b8c 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/missing_policy_file.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
index 06bd713dd..5d4abd801 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_file.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
index 56a081eca..aa25f4415 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
index 10cb25593..ff169499c 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_cis_l1.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_cis_server_l1,xccdf_org.ssgproject.content_profile_cis_workstation_l1
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
index a2107d146..6964ade32 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_nosha1_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_e8
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
index b06e035fa..a3c503b8d 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_default_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
index 6679f94bd..cc37b1c9d 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
index 116f6b676..15611d80e 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/policy_future_cis_l2.pass.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_cis,xccdf_org.ssgproject.content_profile_cis_workstation_l2
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
index 9461c3ddd..6b048f2f5 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/configure_crypto_policy/tests/wrong_policy.fail.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,AlmaLinux 9
# profiles = xccdf_org.ssgproject.content_profile_ospp, xccdf_org.ssgproject.content_profile_standard
# packages = crypto-policies-scripts
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml
index 5becd90b7..691abaf09 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/package_abrt_removed/rule.yml
@@ -1,6 +1,6 @@
documentation_complete: true
-prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9
+prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,almalinux9
title: 'Uninstall Automatic Bug Reporting Tool (abrt)'
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
index 1c1560a86..fc86b614e 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/ansible/shared.yml
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = false
# strategy = restrict
# complexity = low
diff --git a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
index 10ecee505..3d3098f4e 100644
--- a/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
+++ b/tests/unit/ssg-module/test_playbook_builder_data/guide/selinux_state/bash/shared.sh
@@ -1,4 +1,4 @@
-# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
+# platform = multi_platform_rhel,multi_platform_almalinux,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = true
# strategy = restrict
# complexity = low
diff --git a/tests/unit/ssg_test_suite/data/correct.pass.sh b/tests/unit/ssg_test_suite/data/correct.pass.sh
index 8e5e284ee..ce1b79416 100644
--- a/tests/unit/ssg_test_suite/data/correct.pass.sh
+++ b/tests/unit/ssg_test_suite/data/correct.pass.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# packages = sudo,authselect
-# platform = multi_platform_rhel,Fedora
+# platform = multi_platform_rhel,multi_platform_almalinux,Fedora
# profiles = xccdf_org.ssgproject.content_profile_cis
# remediation = none
# variables = var_password_pam_remember=5,var_password_pam_remember_control_flag=requisite
diff --git a/utils/ansible_playbook_to_role.py b/utils/ansible_playbook_to_role.py
index 60eaf4402..e5d7fc005 100755
--- a/utils/ansible_playbook_to_role.py
+++ b/utils/ansible_playbook_to_role.py
@@ -58,6 +58,7 @@ yaml.add_constructor(_mapping_tag, dict_constructor)
PRODUCT_ALLOWLIST = set([
"rhel7",
"rhel8",
+ "almalinux9",
])
PROFILE_ALLOWLIST = set([
Reference in New Issue View Git Blame Copy Permalink