Christopher Rice
Christopher Rice
**Describe the Issue** The control for RHEL-08-010740 looks at all UIDs greater than `rhel8stig_interactive_uid_start` but fails to account for `rhel8stig_interactive_uid_stop`. This causes the `nobody` user, UID 65534, to incorrectly be...
**Overall Review of Changes:** Adds missing check for UID range **Issue Fixes:** - #134 **How has this been tested?:** Tested against VM to ensure the `nobody` user (UID 65534) was...
**Describe the Issue** When applying `RHEL-08-010295`, RHEL8-STIG looks for `+VERS-ALL:` and then applies the contents of the `rhel8stig_gnutls_encryption` after it using `backrefs`. However, this causes `+VERS-ALL:` to be added again...
**Describe the Issue** The regex for `RHEL-08-020040` is incomplete, causing other lines in the configuration to get overwritten (as they match the regex first) -- even if the intended line...
**Overall Review of Changes:** - Fixes regex for RHEL-08-020040, to eliminate overwriting of other configuration lines (`set -g` is the beginning of EVERY LINE in a config, not just the...
Question regarding RHEL-08-010290 / RHEL-08-010291: Enabling FIPS mode even if not required by STIG?
## Question In `fix-cat2.yml`, RHEL-08-010290 and RHEL-08-010291 are in a block together and enable fix mode before applying the Fix Text. The latest revisions of the STIG don't call for...
**Overall Review of Changes:** Fixes problem discussed in #126 with proposed template solution -- no longer writes directly over `grub.cfg` which would get overwritten. May be some variables this deprecates,...
**Describe the Issue** The current implementation of `RHEL-08-040090` does not implement the `drop` target for the firewall zone when created, meaning after running this control, the finding is still present....
**Describe the Issue** In the created `01-banner-message` file in `/etc/dconf/db/local.d/`, the `banner-message-text` is configured but the enable variable is missing. This causes the banner to not show on the login...
**Describe the Issue** Changes to the Superuser section of the `grub.cfg` file are done via `/etc/grub.d/01_users`. The RHEL8-STIG role currently applies these changes directly to the `/boot/efi/EFI/redhat/grub.cfg` which causes them...