Skip to content

ansible-lockdown/UBUNTU24-CIS-Audit

Repository files navigation

Ubuntu 24.04 Goss config

Overview

Based on CIS Benchmark for Ubuntu 24.04 LTS Benchmark v1.0.0

Centre For Internet Security

This repository is set of configuration files and directories to run the audit of the relevant benchmark of Ubuntu 24.04 servers

This is configured in a directory structure level.

variables

file: vars/{benchmark_type}.yml

Please refer to the file for all options and their meanings

The listed variable for every control/benchmark can be turned on/off or section

  • Other controls

    • enable_selinux
    • run_heavy_tasks
  • Bespoke options

    If a site has specific options e.g. password complexity these can also be set.

Requirements

goss >= 0.4.4 root privileges

Branches

If running as part of the ansible playbook, this will pull in the relevant branch for the version of benchmark you are remediating.

  • e.g. v1.0.0 will pull in branch benchmark-v1.0.0

Devel is normally the latest benchmark version, so maybe different from the version of benchmark you wish to test. Details will show in the README as part of the remedation as to the benchmark for the version it is written for.

Usage

Fot the latest information on audit and how it can be used please visit

Read the Docs - Audit

Extra settings

Ability to add your own requirements is available in several sections

Support

Discord Community Discussions

Enterprise Support

MindPoint Group

Links and Further information

About

CIS Audit for Ubuntu24

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published