From a2398c01d86f01bfcb005f644e3ea0bff5a64ea6 Mon Sep 17 00:00:00 2001
From: Mark Bolwell
Date: Mon, 15 Apr 2024 12:27:29 +0100
Subject: [PATCH] renamed tests due to dupes
Signed-off-by: Mark Bolwell
---
 Cat_1/RHEL-07-010290.yml | 4 ++--
 Cat_1/RHEL-07-010291.yml | 4 ++--
 Cat_2/RHEL-07-020029.yml | 3 ++-
 Cat_2/RHEL-07-020101.yml | 4 ++--
 Cat_2/RHEL-07-021620.yml | 3 ++-
 Cat_2/RHEL-07-030630.yml | 14 +++++++-------
 Cat_2/RHEL-07-030700.yml | 1 -
 Cat_2/RHEL-07-030710.yml | 1 -
 Cat_2/RHEL-07-030740.yml | 1 -
 Cat_2/RHEL-07-040110.yml | 2 +-
 Cat_2/RHEL-07-040180.yml | 3 ++-
 Cat_2/RHEL-07-040190.yml | 3 ++-
 Cat_2/RHEL-07-040200.yml | 3 ++-
 Cat_2/RHEL-07-040712.yml | 2 +-
 Cat_3/RHEL-07-021600.yml | 3 ++-
 15 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/Cat_1/RHEL-07-010290.yml b/Cat_1/RHEL-07-010290.yml
index 307ec5a..a9c7fd8 100644
--- a/Cat_1/RHEL-07-010290.yml
+++ b/Cat_1/RHEL-07-010290.yml
@@ -1,10 +1,10 @@ {{ if .Vars.RHEL_07_010290 }} command: - check_nullok: + check_nullok_pam: title: RHEL_07_010290 | The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords. exec: "grep nullok /etc/pam.d/system-auth /etc/pam.d/password-auth" exit-status: 1 - stdout: + stdout: - '!/./' meta: Cat: 1
diff --git a/Cat_1/RHEL-07-010291.yml b/Cat_1/RHEL-07-010291.yml
index 307553b..93a9bcc 100644
--- a/Cat_1/RHEL-07-010291.yml
+++ b/Cat_1/RHEL-07-010291.yml
@@ -1,10 +1,10 @@ {{ if .Vars.RHEL_07_010291 }} command: - check_nullok: + check_nullok_shadow: title: RHEL_07_010291 | The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords. exec: "awk -F: '!$2 {print $1}' /etc/shadow" exit-status: 0 - stdout: + stdout: - '!/./' meta: Cat: 1
diff --git a/Cat_2/RHEL-07-020029.yml b/Cat_2/RHEL-07-020029.yml
index 7e489b7..c82f412 100644
--- a/Cat_2/RHEL-07-020029.yml
+++ b/Cat_2/RHEL-07-020029.yml
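Review bot: Both nullok tests keep a title prefix written with underscores, `RHEL_07_010290 |` here and `RHEL_07_010291 |` in the next hunk, whereas every other title in this patch uses the STIG id form `RHEL-07-… |`; since the ids are being rewritten anyway, `title: RHEL-07-010290 | The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords.` (and likewise for 010291) keeps report output greppable by STIG id. The `meta` mapping of each test continues past the hunk.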
@@ -1,7 +1,8 @@ {{ if .Vars.RHEL_07_020029 }} package: - aide: + aide_installed: title: RHEL-07-020029 | Must use a file integrity tool to verify correct operation of all security functions | package + name: aide installed: true meta: Cat: 2
diff --git a/Cat_2/RHEL-07-020101.yml b/Cat_2/RHEL-07-020101.yml
index 3f6a9d1..06c2d6b 100644
--- a/Cat_2/RHEL-07-020101.yml
+++ b/Cat_2/RHEL-07-020101.yml
@@ -1,6 +1,6 @@ {{ if .Vars.RHEL_07_020101 }} command: - modprobe_dccp: + modprobe_dccp_module: title: RHEL-07-020101 | Must be configured so that the Datagram Congestion Control Protocol (DCCP) kernel module is disabled unless required. exec: grep dccp /etc/modprobe.d/dccp.conf exit-status: 0
@@ -27,7 +27,7 @@ command: Rule_ID: SV-204450r942897_rule STIG_ID: RHEL-07-020101 Vul_ID: V-204450 - modprobe_dccp: + modprobe_dccp_loaded: title: RHEL-07-020101 | Must be configured so that the Datagram Congestion Control Protocol (DCCP) kernel module is disabled unless required. | running exit-status: 0 exec: 'modprobe -n -v dccp'
diff --git a/Cat_2/RHEL-07-021620.yml b/Cat_2/RHEL-07-021620.yml
index 210112a..b012f01 100644
--- a/Cat_2/RHEL-07-021620.yml
+++ b/Cat_2/RHEL-07-021620.yml
@@ -1,8 +1,9 @@ {{ if .Vars.RHEL_07_021620 }} package: - aide: + aide_fips: title: RHEL-07-021620 | Must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories. installed: true + name: aide meta: Cat: 2 CCI: CCI-000366
diff --git a/Cat_2/RHEL-07-030630.yml b/Cat_2/RHEL-07-030630.yml
index 94c827c..f4b3b16 100644
--- a/Cat_2/RHEL-07-030630.yml
+++ b/Cat_2/RHEL-07-030630.yml
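Review bot: `name: aide` is inserted before `installed: true` here and in the `Cat_3/RHEL-07-021600.yml` hunk, but after it in the `Cat_2/RHEL-07-021620.yml` hunk; since these three package tests now differ only in id and title, keeping the key order identical (id, `title`, `name`, `installed`, `meta`) lets a diff between them show only the intended differences. The `meta` mapping continues past the hunk.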
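Review bot: The new id `modprobe_dccp_loaded` names a check for a loaded module, but the exec line `exec: 'modprobe -n -v dccp'` is a dry run that prints what modprobe would do and does not report whether dccp is currently loaded; either rename it to reflect that, e.g. `modprobe_dccp_dryrun`, or add a separate command test on `lsmod` so the "loaded" claim is actually tested. In the first hunk of this file, `exec: grep dccp /etc/modprobe.d/dccp.conf` inspects one hard-coded file, so a blocking directive placed in any other `/etc/modprobe.d/*.conf` would be reported as a failure; `grep -r dccp /etc/modprobe.d/` would cover that. The stdout expectations of both tests lie outside the hunks.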
@@ -1,11 +1,11 @@ {{ if .Vars.RHEL_07_030630 }} command: - semanage_auditd_rules: - title: RHEL-07-030630 | Must audit all uses of the semanage command. | config + password_auditd_rules: + title: RHEL-07-030630 | The Red Hat Enterprise Linux operating system must audit all uses of the passwd command. | config exec: grep -i semanage /etc/audit/rules.d/99_auditd.rules exit-status: 0 stdout: - - '/^-a always,exit -F path=/usr/sbin/semanage -F auid>={{ .Vars.rhel7stig_int_uid }} -F auid!=(4294967295|unset) -k privileged-priv_change/' + - '/^-a always,exit -F path=/usr/sbin/passwd -F auid>={{ .Vars.rhel7stig_int_uid }} -F auid!=(4294967295|unset) -k privileged-passwd/' meta: Cat: 2 CCI:
@@ -16,12 +16,12 @@ command: Rule_ID: SV-204542r833121_rule STIG_ID: RHEL-07-030630 Vul_ID: V-204542 - audit_semanage_running: - title: RHEL-07-030630 | Must audit all uses of the semanage command. | running - exec: auditctl -l | grep -w "semanage" + password_semanage_running: + title: RHEL-07-030630 | The Red Hat Enterprise Linux operating system must audit all uses of the passwd command. | running + exec: auditctl -l | grep -w "/passwd" exit-status: 0 stdout: - - '/^-a always,exit -S all -F path=/usr/sbin/semanage -F auid>={{ .Vars.rhel7stig_int_uid }} -F auid!=(4294967295|unset|-1) -F key=privileged-priv_change/' + - '/^-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid> auid>={{ .Vars.rhel7stig_int_uid }} -F auid!=(4294967295|unset|-1) -F key=privileged-passwd/' meta: Cat: 2 CCI:
diff --git a/Cat_2/RHEL-07-030700.yml b/Cat_2/RHEL-07-030700.yml
index 6d482e2..a561685 100644
--- a/Cat_2/RHEL-07-030700.yml
+++ b/Cat_2/RHEL-07-030700.yml
@@ -17,7 +17,6 @@ command: Rule_ID: SV-204549r603261_rule STIG_ID: RHEL-07-030700 Vul_ID: V-204549 -command: audit_sudoers_running: title: RHEL-07-030700 | Must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | running exec: auditctl -l | grep -w "sudoers"
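Review bot: The config test now expects a passwd rule in stdout, but its unchanged exec line still runs `grep -i semanage /etc/audit/rules.d/99_auditd.rules`, so the new regex can never match that output and the test fails on every host; it should read `exec: grep -i passwd /etc/audit/rules.d/99_auditd.rules`. The expected path also disagrees with the running check in the second hunk of this file, `/usr/sbin/passwd` here versus `/usr/bin/passwd` there, and on RHEL 7 the binary lives at `/usr/bin/passwd`, so the regex should use `path=/usr/bin/passwd`. The commit message describes only renames, yet this hunk changes what the test checks (semanage to passwd), which deserves a line in the description. The `stdout` list and `meta` continue past the hunk.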
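Review bot: The new stdout regex contains a stray token, `-F perm=x -F auid> auid>={{ .Vars.rhel7stig_int_uid }}`, which no `auditctl -l` output will contain, so this running check can never pass; drop the `auid> ` fragment so it reads `-F perm=x -F auid>={{ .Vars.rhel7stig_int_uid }} -F auid!=(4294967295|unset|-1) -F key=privileged-passwd/`. The exec line `auditctl -l | grep -w "/passwd"` is also fragile, because `-w` requires the character before the match to be a non-word character and `/passwd` is preceded by `bin` in `path=/usr/bin/passwd`, so it should not match; `exec: auditctl -l | grep -F 'path=/usr/bin/passwd'` is the safer anchor. The id `password_semanage_running` still carries the old semanage name; `passwd_auditd_running` would pair with the first hunk's id (which itself reads more naturally as `passwd_auditd_rules`). The `meta` mapping continues past the hunk.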
diff --git a/Cat_2/RHEL-07-030710.yml b/Cat_2/RHEL-07-030710.yml
index cc18ed5..fa46570 100644
--- a/Cat_2/RHEL-07-030710.yml
+++ b/Cat_2/RHEL-07-030710.yml
@@ -17,7 +17,6 @@ command: Rule_ID: SV-204550r833142_rule STIG_ID: RHEL-07-030710 Vul_ID: V-204550 -command: audit_newgrp_running: title: RHEL-07-030710 | Must audit all uses of the newgrp command.| running exec: auditctl -l | grep -w "newgrp"
diff --git a/Cat_2/RHEL-07-030740.yml b/Cat_2/RHEL-07-030740.yml
index 31ff5bc..c707838 100644
--- a/Cat_2/RHEL-07-030740.yml
+++ b/Cat_2/RHEL-07-030740.yml
@@ -17,7 +17,6 @@ command: Rule_ID: SV-204552r833148_rule STIG_ID: RHEL-07-030740 Vul_ID: V-204552 -command: audit_mount_running: title: RHEL-07-030740 | Must audit all uses of the mount command and syscall.| running exec: auditctl -l | grep -w "mount"
diff --git a/Cat_2/RHEL-07-040110.yml b/Cat_2/RHEL-07-040110.yml
index 773dc55..14ae120 100644
--- a/Cat_2/RHEL-07-040110.yml
+++ b/Cat_2/RHEL-07-040110.yml
@@ -1,6 +1,6 @@ {{ if .Vars.RHEL_07_040110 }} command: - ciphers_sshd_config: + ciphers_sshd_config_dod: title: RHEL-07-040110 | must implement DoD-approved encryption to protect the confidentiality of SSH connections. exec: grep -i ciphers /etc/ssh/sshd_config exit-status: 0
diff --git a/Cat_2/RHEL-07-040180.yml b/Cat_2/RHEL-07-040180.yml
index 067953d..02dcdd1 100644
--- a/Cat_2/RHEL-07-040180.yml
+++ b/Cat_2/RHEL-07-040180.yml
@@ -1,8 +1,9 @@ {{ if .Vars.rhel7stig_auth_settings.use_sssd }} {{ if .Vars.RHEL_07_040190 }} service: - sssd: + sssd_ldap_auth_comms: title: RHEL-07-040180 | Must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) authentication communications. + name: sssd running: true enabled: true meta:
diff --git a/Cat_2/RHEL-07-040190.yml b/Cat_2/RHEL-07-040190.yml
index 8a26335..8480a23 100644
--- a/Cat_2/RHEL-07-040190.yml
+++ b/Cat_2/RHEL-07-040190.yml
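Review bot: The test in `Cat_2/RHEL-07-040180.yml` is still gated on `{{ if .Vars.RHEL_07_040190 }}` rather than its own variable, so the `RHEL_07_040180` toggle has no effect and disabling 040190 silently drops this check as well; the line should be `{{ if .Vars.RHEL_07_040180 }}`. After the rename, `sssd_ldap_auth_comms` here, `sssd_ldap_comms` (040190 hunk) and `sssd_peer_x509` (040200 hunk) assert exactly the same thing, sssd running and enabled, which verifies none of the TLS or certificate settings these three STIG items are about; a command test per item on the relevant `/etc/sssd/sssd.conf` key (for 040180, `ldap_id_use_start_tls`) would give the distinct ids a distinct check. The template `if` blocks close outside the hunk.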
@@ -1,8 +1,9 @@ {{ if .Vars.rhel7stig_auth_settings.use_sssd }} {{ if .Vars.RHEL_07_040190 }} service: - sssd: + sssd_ldap_comms: title: RHEL-07-040190 | Must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. + name: sssd running: true enabled: true meta:
diff --git a/Cat_2/RHEL-07-040200.yml b/Cat_2/RHEL-07-040200.yml
index 76d14b0..7c2cad3 100644
--- a/Cat_2/RHEL-07-040200.yml
+++ b/Cat_2/RHEL-07-040200.yml
@@ -1,8 +1,9 @@ {{ if .Vars.rhel7stig_auth_settings.use_sssd }} {{ if .Vars.RHEL_07_040200 }} service: - sssd: + sssd_peer_x509: title: RHEL-07-040200 | Must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications. + name: sssd running: true enabled: true meta:
diff --git a/Cat_2/RHEL-07-040712.yml b/Cat_2/RHEL-07-040712.yml
index 45c2bf1..7e2095c 100644
--- a/Cat_2/RHEL-07-040712.yml
+++ b/Cat_2/RHEL-07-040712.yml
@@ -1,6 +1,6 @@ {{ if .Vars.RHEL_07_040712 }} command: - ciphers_sshd_config: + ciphers_sshd_config_fips: title: RHEL-07-040712 | The Red Hat Enterprise Linux operating system SSH server must be configured to use only FIPS-validated key exchange algorithms. exec: grep -i kex /etc/ssh/sshd_config exit-status: 0
diff --git a/Cat_3/RHEL-07-021600.yml b/Cat_3/RHEL-07-021600.yml
index c78715b..e08c1c1 100644
--- a/Cat_3/RHEL-07-021600.yml
+++ b/Cat_3/RHEL-07-021600.yml
@@ -1,7 +1,8 @@ {{ if .Vars.RHEL_07_021600 }} package: - aide: + aide_acls: title: RHEL-07-021600 | Must be configured so that the file integrity tool is configured to verify Access Control Lists (ACLs). | Aide Installed + name: aide installed: true meta: Cat: 3
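Review bot: The new id `ciphers_sshd_config_fips` in the `Cat_2/RHEL-07-040712.yml` hunk misdescribes the test, whose exec line is `grep -i kex /etc/ssh/sshd_config` and whose title is about key exchange algorithms, not ciphers; a name such as `kexalgorithms_sshd_config_fips` keeps it distinct from 040110's `ciphers_sshd_config_dod` without misleading whoever reads a failed-test report. The word "ciphers" now survives only in the id, presumably copied from 040110 when the file was created. The stdout expectations for this test lie outside the hunk.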