Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rhel10: use new rule for auditing of changes to selinux configuration #12826

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

vojtapolasek
Copy link
Collaborator

Description:

  • create new rule audit_rules_mac_modification_etc_selinux
  • add rule to rhel10 profiles instead of audit_rules_mac_modification

Rationale: MAC as explained in discussion in

Review Hints:

  • run automatus tests

the rule audit_rules_mac_modification is becoming applicable for multiple products.
This new rule should make our live simpler in the future by being templated and selinux-specific.
@vojtapolasek vojtapolasek added New Rule Issues or pull requests related to new Rules. CIS CIS Benchmark related. ANSSI ANSSI Benchmark related. pci-dss RHEL10 Red Hat Enterprise Linux 10 product related. labels Jan 15, 2025
@vojtapolasek vojtapolasek added this to the 0.1.76 milestone Jan 15, 2025
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment)
Open in Gitpod

Fedora Testing Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

mpurg added a commit to mpurg/ComplianceAsCode that referenced this pull request Jan 15, 2025
Copy link

codeclimate bot commented Jan 15, 2025

Code Climate has analyzed commit bd64cc2 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 61.8% (0.0% change).

View more on Code Climate.

@@ -117,7 +117,11 @@ controls:
- audit_rules_privileged_commands_unix_chkpwd
- audit_rules_privileged_commands_userhelper
- audit_rules_immutable
{{% if product == "rhel10" %}}
- audit_rules_mac_modification_etc_selinux
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The rule audit_rules_mac_modification is a part of multiple controls in this HIPAA control file. If you want to make sure this rule isn't present in the RHEL 10 data stream you need to take care of all occurrences of it in this control file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ANSSI ANSSI Benchmark related. CIS CIS Benchmark related. New Rule Issues or pull requests related to new Rules. pci-dss RHEL10 Red Hat Enterprise Linux 10 product related.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants