8000 SLES-15-030400 rule by rumch-se · Pull Request #6931 · ComplianceAsCode/content · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

SLES-15-030400 rule #6931

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 13, 2021
Merged

SLES-15-030400 rule #6931

merged 2 commits into from
May 13, 2021

Conversation

rumch-se
Copy link
Contributor

Added platform clause

Description:

-_SLES-15-030400 rule _

Rationale:

@rumch-se
SLES-15-030400 rule
f182a57 
Added platform clause
@openscap-ci
Copy link
Collaborator

Can one of the admins verify this patch?

1 similar comment
@openscap-ci
Copy link
Collaborator

Can one of the admins verify this patch?

@openshift-ci-robot
Copy link
Collaborator

Hi @rumch-se. Thanks for your PR.

I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the needs-ok-to-test Used by openshift-ci bot. label Apr 30, 2021
@vojtapolasek
Copy link
Collaborator

@openscap-ci test this please

@vojtapolasek
Copy link
Collaborator

/ok-to-test

@openshift-ci-robot openshift-ci-robot added ok-to-test Used by openshift-ci bot. and removed needs-ok-to-test Used by openshift-ci bot. labels May 5, 2021
@vojtapolasek
Copy link
Collaborator

Hello @rumch-se , thank you for the rule. It looks good. Could you please just modify tests so that they correctly enable / disable augenrules / auditctl? See here for example:
https://github.com/ComplianceAsCode/content/tree/master/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/tests

@vojtapolasek vojtapolasek self-assigned this May 6, 2021
@vojtapolasek vojtapolasek added this to the 0.1.56 milestone May 6, 2021
@openshift-ci
Copy link
openshift-ci bot commented May 7, 2021

@rumch-se: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/e2e-aws-rhcos4-moderate b02f4e3 link /test e2e-aws-rhcos4-moderate

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@vojtapolasek vojtapolasek modified the milestones: 0.1.56, 0.1.57 May 11, 2021
@vojtapolasek
Copy link
Collaborator

@openscap-ci test this please

@ggbecker
Copy link
Member

@openscap-ci ok to test

@openscap-ci
Copy link
Collaborator

Changes identified:
Rules:
 audit_rules_privileged_commands_modprobe
Profiles:
 stig on sle15

Show details

Rule audit_rules_privileged_commands_modprobe:
 Ansible remediation newly added.
 OVAL check is newly added.
Profile stig on sle15:
 Rule audit_rules_privileged_commands_modprobe added to stig profile.

Recommended tests to execute:
 build_product sle15
 tests/test_suite.py rule --libvirt qemu:///system test-suite-vm --remediate-using ansible --datastream build/ssg-sle15-ds.xml audit_rules_privileged_commands_modprobe
 tests/test_suite.py rule --libvirt qemu:///system test-suite-vm --remediate-using bash --datastream build/ssg-sle15-ds.xml audit_rules_privileged_commands_modprobe
 tests/test_suite.py profile --libvirt qemu:///system test-suite-vm --datastream build/ssg-sle15-ds.xml stig

@vojtapolasek
Copy link
Collaborator

/retest

@vojtapolasek vojtapolasek merged commit 2fc012f into ComplianceAsCode:master May 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@vojtapolasek vojtapolasek

Labels
ok-to-test Used by openshift-ci bot.
Projects
None yet
Milestone
0.1.57
Development

Successfully merging this pull request may close these issues.
5 participants
@rumch-se @openscap-ci @openshift-ci-robot @vojtapolasek @ggbecker
0