Update RHEL 9 STIG to V2R1 #12373
Update RHEL 9 STIG to V2R1 #12373
Conversation
* Replace auid>=1000 with auid>={{{ uid_min }}}
* Ensure that < and > are correctly replaced with < and >
* Remove the Satisfies: SRG-OS.+ check text
Mab879
added
RHEL9
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
|
🤖 A k8s content image for this PR is available at: Click here to see how to deploy itIf you alread have Compliance Operator deployed: Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and: |
openshift-ci
bot
added
the
do-not-merge/work-in-progress
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
Code Climate has analyzed commit 75b04f0 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 59.5% (0.0% change). View more on Code Climate. |
| @@ -18,7 +20,7 @@ checktext: |- | |||
| $ sudo /usr/lib/systemd/systemd-sysctl --cat-config | egrep -v '^(#|;)' | grep -F kernel.unprivileged_bpf_disabled | tail -1 | |||
| kernel.unprivileged_bpf_disabled = 1 | |||
|
|
|||
| If the network parameter "ipv4.tcp_syncookies" is not equal to "1", or nothing is returned, this is a finding. | |||
| If the network parameter "kernel.unprivileged_bpf_disabled" is not equal to "1", or nothing is returned, this is a finding. | |||
Description:
Rationale:
Keep the STIG updated.
Closes #12237
Closes #12088