Marcus Burghardt
Marcus Burghardt
SLE uses the pam_tally2.so module instead - This PR partially fixes https://github.com/ComplianceAsCode/content/issues/7564
#### Description of problem: The `configure_bashrc_exec_tmux` is failing after remediation #### SCAP Security Guide Version: master #### Operating System Version: RHEL8 and RHEL9 #### Actual Results: xccdf_org.ssgproject.content_rule_configure_bashrc_exec_tmux - fail ####...
#### Description of problem: By the https://github.com/ComplianceAsCode/content/pull/9097 PR, new Ansible macros were introduced to standardize and simplify the remediation for PAM related rules. These macros are in alignment to the...
#### Description of problem: The `display_login_attempts` is mentioning the following statement in its description: ``` And make sure that the silent option is not set for pam_lastlog module. ``` -...
#### Description of problem: The following rules intend to adjust the `umask` value in different files: - accounts_umask_etc_bashrc - accounts_umask_etc_csh_cshrc - accounts_umask_etc_login_defs - accounts_umask_etc_profile - accounts_umask_interactive_users While the `accounts_umask_interactive_users` is...
#### Description: There are two rules for the same purpose of assessing the `pam_faillock.so` dir parameter. The `account_passwords_pam_faillock_dir` (without s in account) only contains the rule definition, but no OVAL...
#### Description: All other pam_faillock.so parameters related rules follow a different standard. It was basically renamed `account_passwords_pam_faillock_audit` to `accounts_passwords_pam_faillock_audit`. #### Rationale: Better sooner than later.
#### Description of problem: It is not clear the value of the `test_crypto_policies_updated` OVAL test in `configure_crypto_policy` considering there is already two tests confirming both `/etc/crypto-policy/config` and `/etc/crypto-policy/state/current` files are...
#### Description of problem: This rule was introduced by https://github.com/ComplianceAsCode/content/pull/10390. It is failing after remediation when checking `CIS Server Level 2` profile. #### SCAP Security Guide Version: master branch as...
#### Description of problem: This error was caught in `test-farm` tests using the `pci-dss v4` profile. By looking the tests logs it was not found which file was making the...