Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-29308

audit rules for RHEL 9 CIS Benchmark point 4.1.3.5

XMLWordPrintable

    • sst_security_compliance
    • ssg_security
    • False
    • Hide

      None

      Show
      None
    • No
    • Red Hat Enterprise Linux
    • Unspecified Release Note Type - Unknown
    • x86_64

      What were you trying to do that didn't work?

       

      • RHEL 9 CIS Benchmark point 4.1.3.5: audit for network configuration changes on directory "/etc/sysconfig/network-scripts/"

       

      Please provide the package NVR for which bug is seen:

       

      scap-security-guide-0.1.72-1.el9_3.noarch

      How reproducible:

       

      • Always

      Steps to reproduce

      1.  On RHEL 9 system, install scap-security-guide
      2. Run ""ansible-playbook -i "localhost," -c local /usr/share/scap-security-guide/ansible/rhel9-playbook-cis.yml"

      Expected results

       

      • Directory "/etc/sysconfig/network-scripts/" included in generated audit rules.

        Actual results

       

      • Directory is not included.

       

       

      Aware of ifcfg deprecation on RHEL 9, but CIS Benchmark 4.1.3.5 still specifies audit for its location as verified on pdf downloaded from site (attached to issue). Customer on associated case is asking for it.

        1. CIS_Red_Hat_Enterprise_Linux_9_Benchmark_v1.0.0.pdf
          3.58 MB

            jcerny@redhat.com Jan Cerny
            rhn-support-raldaz Raúl Aldaz
            Vojtech Polasek Vojtech Polasek
            SSG Security QE SSG Security QE
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated: