Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-1485

More complete CIS SELinux remediation

    XMLWordPrintable

Details

    • Assignee, Qa Contact, Doc Contact, Pool Team, Watchers, Developer
    • ssg_security
    • False
    • Hide

      None

      Show
      None
    • Unspecified
    • No Doc Update
    • Unspecified

    Description

      Description of problem:
      CIS RHEL 9 Benchmark 1.0.0 PDF states that SELinux changes are monitored and mentions /etc/selinux and /usr/share/selinux.

      scap-security-guide-0.1.66-1.el9_1 only creates the following so /usr/share/selinux is not included:

      1. grep -ri selinux /etc/audit/rules.d/
        /etc/audit/rules.d/MAC-policy.rules:-w /etc/selinux/ -p wa -k MAC-policy

      But if adding a custom policy that would be configured in /var/lib/selinux.

      It looks like at least for CIS oscap should include at least /usr/share/selinux in /etc/audit/rules.d/MAC-policy.rules, perhaps also /var/lib/selinux.

      Thanks.

      Attachments

        Issue Links

          external trackers

          Web Link Red Hat Issue Tracker RHELPLAN-158058

          Activity

            People

              wsato@redhat.com Watson Sato
              myllynen Marko Myllynen
              Vojtech Polasek Vojtech Polasek
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: