Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Undefined
Fix Version/s: rhel-9.3.0
Affects Version/s: rhel-9.2.0
Component/s: scap-security-guide
Labels:
- MigratedToJIRA
- Triaged

Regression:
None
Severity:
None

AssignedTeam:
rhel-security-compliance
Sub-System Group:

ssg_security

Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
None

Git Pull Request:
https://github.com/ComplianceAsCode/content/pull/10231
Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
Release Note Not Required

Experience:
Architecture:

Unspecified
Bugzilla Bug:
RHBZ: 2209655

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None
Internal Target Milestone numeric:
57,005

Description of problem:
CIS RHEL 9 Benchmark 1.0.0 PDF states that SELinux changes are monitored and mentions /etc/selinux and /usr/share/selinux.

scap-security-guide-0.1.66-1.el9_1 only creates the following so /usr/share/selinux is not included:

grep -ri selinux /etc/audit/rules.d/
/etc/audit/rules.d/MAC-policy.rules:-w /etc/selinux/ -p wa -k MAC-policy

But if adding a custom policy that would be configured in /var/lib/selinux.

It looks like at least for CIS oscap should include at least /usr/share/selinux in /etc/audit/rules.d/MAC-policy.rules, perhaps also /var/lib/selinux.

Thanks.

external trackers

Red Hat Issue Tracker RHELPLAN-158058

Assignee:: Marcus Burghardt

Reporter:: Marko Myllynen

Contributors:: Vojtech Polasek

Developer:: Marcus Burghardt

QA Contact:: SSG Security QE

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2023/08/17 2:01 PM

Updated:: 2024/04/08 9:45 AM

Resolved:: 2024/04/08 9:45 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates