Skip to content

Commit

Permalink
rhel9 stig_gui: add rule back, it stays informational and does no harm
Browse files Browse the repository at this point in the history
  • Loading branch information
@vojtapolasek
vojtapolasek committed Jan 14, 2025
1 parent bd7e63b commit 8bcd3d4
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 4 deletions.
4 changes: 0 additions & 4 deletions products/rhel9/profiles/stig_gui.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,5 @@ selections:
# RHEL-09-215025
- '!package_nfs-utils_removed'

# RHEL-09-213105
# Limiting user namespaces cause issues with user apps, such as Firefox and Cheese
# https://issues.redhat.com/browse/RHEL-10416
- '!sysctl_user_max_user_namespaces'
# locking of idle sessions is handled by screensaver when GUI is present, the following rule is therefore redundant
- '!logind_session_timeout'
3 changes: 3 additions & 0 deletions tests/data/profile_stability/rhel9/stig_gui.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -515,6 +515,9 @@ selections:
- sysctl_net_ipv6_conf_default_accept_ra
- sysctl_net_ipv6_conf_default_accept_redirects
- sysctl_net_ipv6_conf_default_accept_source_route
- sysctl_user_max_user_namespaces
- sysctl_user_max_user_namespaces.role=unscored
- sysctl_user_max_user_namespaces.severity=info
- usbguard_generate_policy
- use_pam_wheel_for_su
- wireless_disable_interfaces
Expand Down

0 comments on commit 8bcd3d4

Please sign in to comment.