Update RHEL 10 Test Platforms

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_cis.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 {{{ setup_auditctl_environment() }}}

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_extra_permission_cis.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 {{{ setup_auditctl_environment() }}}

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_correct_without_key_cis.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 {{{ setup_auditctl_environment() }}}

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_remove_all_rules_cis.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 {{{ setup_auditctl_environment() }}}

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_cis.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 {{{ setup_auditctl_environment() }}}

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/auditctl_wrong_rule_without_key_cis.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 {{{ setup_auditctl_environment() }}}

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_cis.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 path="/var/run/faillock"

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_extra_permission_cis.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 path="/var/run/faillock"

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_correct_without_key_cis.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 path="/var/run/faillock"

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_remove_all_rules_cis.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 path="/var/run/faillock"

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_cis.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 path="/var/run/faillock"

linux_os/guide/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests/augenrules_wrong_rule_without_key_cis.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = audit
-# platform = Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9
+# platform = multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_cis
 
 path="/var/run/faillock"

linux_os/guide/services/ssh/ssh_server/sshd_rekey_limit/tests/rhel9_ospp_ok.pass.sh

@@ -1,4 +1,4 @@
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 
 mkdir -p /etc/ssh/sshd_config.d

linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml

@@ -10,7 +10,7 @@ description: |-
     <pre>[pam]
     pam_cert_auth = True
     </pre>
-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+    {{% if product in ["fedora", "ol8", "ol9"] or 'rhel' in product %}}
     Add or update "pam_sss.so" line in auth section of "/etc/pam.d/system-auth" file to include
     "try_cert_auth" or "require_cert_auth" option, like in the following example:
     <pre>
@@ -58,7 +58,7 @@ ocil: |-
     If configured properly, output should be
     <pre>pam_cert_auth = True</pre>
 
-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+    {{% if product in ["fedora", "ol8", "ol9"] or 'rhel' in product %}}
     To verify that smart cards are enabled in PAM files, run the following command:
     <pre>$ sudo grep -e "auth.*pam_sss\.so.*\(allow_missing_name\|try_cert_auth\)" /etc/pam.d/smartcard-auth /etc/pam.d/system-auth</pre>
     If configured properly, output should be
@@ -73,7 +73,7 @@ fixtext: |-
 
     pam_cert_auth = True
 
-    {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9"] %}}
+    {{% if product in ["fedora", "ol8", "ol9"] or 'rhel' in product %}}
     Enable the <tt>with-smartcard</tt> feature using the <tt>authselect</tt> command:
     sudo authselect enable-feature with-smartcard
     sudo authselect apply-changes -b

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/correct_value.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_password_auth/tests/no_value.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/correct_value.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_pam_faillock_system_auth/tests/no_value.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 authselect create-profile test_profile -b sssd
 authselect select "custom/test_profile" --force

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/conflicting_settings_authselect.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 source common.sh
 

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_audit/tests/expected_faillock_conf.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 source common.sh
 

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/tests/conflicting_settings_authselect.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 pam_files=("password-auth" "system-auth")
 
@@ -20,7 +20,7 @@ for file in ${pam_files[@]}; do
     if grep -qP "auth.*faillock\.so.*preauth" $CUSTOM_PROFILE_DIR/$file; then
         sed -i "/^\s*auth.*faillock\.so.*preauth/ s/$/even_deny_root/" \
             "$CUSTOM_PROFILE_DIR/$file"
-    else 
+    else
         sed -i "0,/^\s*auth.*/i auth required pam_faillock.so preauth even_deny_root" \
         "$CUSTOM_PROFILE_DIR/$file"
     fi

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_commented.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # variables = var_password_pam_retry=3
 
 source common.sh

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # variables = var_password_pam_retry=3
 
 source common.sh

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_correct_with_space.pass.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # variables = var_password_pam_retry=3
 
 source common.sh

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_overriden.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # variables = var_password_pam_retry=3
 
 source common.sh

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/tests/pwquality_conf_wrong.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # variables = var_password_pam_retry=3
 
 source common.sh

linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/system_default.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*

linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_0.fail.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*

linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_1.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*

linux_os/guide/system/permissions/restrictions/sysctl_kernel_unprivileged_bpf_disabled_accept_default/tests/value_2.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Red Hat Enterprise Linux 9
+# platform = Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10
 
 # Clean sysctl config directories
 rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/*

linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_and_current_same_time.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # packages = crypto-policies-scripts
 
 # IMPORTANT: This is a false negative scenario.

linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/config_newer_than_current.fail.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # packages = crypto-policies-scripts
 
 update-crypto-policies --set "DEFAULT"

linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/missing_nss_config.fail.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 

linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_file.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 

linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/nss_config_as_symlink.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 

linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/tests/policy_fips_ospp_set.pass.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 # profiles = xccdf_org.ssgproject.content_profile_ospp
 # packages = crypto-policies-scripts
 

shared/templates/pam_account_password_faillock/tests/conflicting_settings_authselect.fail.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 # packages = authselect,pam
-# platform = Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9
+# platform = Oracle Linux 8,Oracle Linux 9,multi_platform_rhel
 
 {{{ tests_init_faillock_vars("correct") }}}
 
@@ -23,7 +23,7 @@ for file in ${pam_files[@]}; do
     if grep -qP "auth.*faillock\.so.*preauth" $CUSTOM_PROFILE_DIR/$file; then
         sed -i "/^\s*auth.*faillock\.so.*preauth/ s/$/$PRM_NAME=$TEST_VALUE/" \
             "$CUSTOM_PROFILE_DIR/$file"
-    else 
+    else
         sed -i "0,/^\s*auth.*/i auth required pam_faillock.so preauth $PRM_NAME=$TEST_VALUE" \
         "$CUSTOM_PROFILE_DIR/$file"
     fi