From b1ed75b02a2ef3709b42a8bc034455b0df1b6b00 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 10:04:34 -0500
Subject: [PATCH 01/19] adding gitignore to ignore my notes file
---
.gitignore | 1 +
1 file changed, 1 insertion(+)
create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..bfa6551
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+notes
From b35c0f79fdc1b0e89cc9f8aad64a86d81caa9668 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 10:36:38 -0500
Subject: [PATCH 02/19] testing github slack integration
---
test.txt | 1 +
1 file changed, 1 insertion(+)
create mode 100644 test.txt
diff --git a/test.txt b/test.txt
new file mode 100644
index 0000000..53ccb3d
--- /dev/null
+++ b/test.txt
@@ -0,0 +1 @@
+testing github slack integration
\ No newline at end of file
From 8d14c88db9f47a4bc01c1d73f123709d78599dbc Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 10:42:54 -0500
Subject: [PATCH 03/19] testing github slack integration
---
test.txt | 1 -
1 file changed, 1 deletion(-)
delete mode 100644 test.txt
diff --git a/test.txt b/test.txt
deleted file mode 100644
index 53ccb3d..0000000
--- a/test.txt
+++ /dev/null
@@ -1 +0,0 @@
-testing github slack integration
\ No newline at end of file
From 2f536f4727b158724981fe0900ebdac2718b9ade Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 10:46:19 -0500
Subject: [PATCH 04/19] continued github integration testing
---
test2 | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 test2
diff --git a/test2 b/test2
new file mode 100644
index 0000000..e69de29
From fd66bccd6b9b2269dead989e27f5fc992f84a159 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 10:59:57 -0500
Subject: [PATCH 05/19] testing slack/git integration
---
test2 | 0
1 file changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 test2
diff --git a/test2 b/test2
deleted file mode 100644
index e69de29..0000000
From 79e0d8a02a5ea9b228156842a819c60b705d0361 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 11:03:18 -0500
Subject: [PATCH 06/19] testing git/slack to branches
---
testing | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 testing
diff --git a/testing b/testing
new file mode 100644
index 0000000..e69de29
From b7cf9b44a1ca60a6089659ede4bc9cf5a46dd7c1 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 11:04:14 -0500
Subject: [PATCH 07/19] removing test file
---
testing | 0
1 file changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 testing
diff --git a/testing b/testing
deleted file mode 100644
index e69de29..0000000
From 069b210776d627db8a9dcb60117ac6df3e21d8d8 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 11:30:44 -0500
Subject: [PATCH 08/19] testing webhook push
---
test_ci | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 test_ci
diff --git a/test_ci b/test_ci
new file mode 100644
index 0000000..e69de29
From 88de7510b788f74410e9da52a977daeb53df6ed5 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 11:40:11 -0500
Subject: [PATCH 09/19] testing jenkins webhook
---
test_ci | 0
1 file changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 test_ci
diff --git a/test_ci b/test_ci
deleted file mode 100644
index e69de29..0000000
From 7948a0bfe1da4dc7791e70589865e0c5cc8cc0b9 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 11:46:01 -0500
Subject: [PATCH 10/19] testing build steps in jenkins
---
test01 | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 test01
diff --git a/test01 b/test01
new file mode 100644
index 0000000..e69de29
From e9092ebc282d22809c588c2844570c63db1c98b3 Mon Sep 17 00:00:00 2001
From: wesshoffner
Date: Tue, 15 Jan 2019 11:48:45 -0500
Subject: [PATCH 11/19] testing jenkins/git
---
test01 | 0
1 file changed, 0 insertions(+), 0 deletions(-)
delete mode 100644 test01
diff --git a/test01 b/test01 deleted file mode 100644 index e69de29..0000000 From e5fa67e1c81ffb2f63a0a2ef5d924bffc5223f67 Mon Sep 17 00:00:00 2001 From: wesshoffner Date: Tue, 15 Jan 2019 11:50:51 -0500 Subject: [PATCH 12/19] more testing (sorry for spam) --- moretesting | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 moretesting diff --git a/moretesting b/moretesting new file mode 100644 index 0000000..e69de29 From 1aba3df39efe08bd8407b21bfbe09e5358dc1679 Mon Sep 17 00:00:00 2001 From: wesshoffner Date: Tue, 15 Jan 2019 12:19:18 -0500 Subject: [PATCH 13/19] testing again --- moretesting | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 moretesting diff --git a/moretesting b/moretesting deleted file mode 100644 index e69de29..0000000 From 70bc13916bc92f0b0f6561f0ecdbbd63a2fa3210 Mon Sep 17 00:00:00 2001 From: wesshoffner Date: Tue, 15 Jan 2019 12:41:33 -0500 Subject: [PATCH 14/19] testing jenkins/git/slack --- ci_testing_dummy_file | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 ci_testing_dummy_file diff --git a/ci_testing_dummy_file b/ci_testing_dummy_file new file mode 100644 index 0000000..e69de29 From 8f4b931f43c35ffd64f9bd55fe7b0f5a00161b6f Mon Sep 17 00:00:00 2001 From: nolanpeters Date: Tue, 15 Jan 2019 20:42:42 +0000 Subject: [PATCH 15/19] add fipsr hash to normal --- disa_stig7/cat2/aide.sls | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/disa_stig7/cat2/aide.sls b/disa_stig7/cat2/aide.sls index ba13172..4ae2a06 100644 --- a/disa_stig7/cat2/aide.sls +++ b/disa_stig7/cat2/aide.sls @@ -42,6 +42,13 @@ aide config settings DATAONLY: ^DATAONLY\s*=.+$ - repl: "DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512\n" +aide config settings NORMAL: + file.replace: + - name: /etc/aide.conf + - pattern: | + ^NORMAL\s*=.+$ + - repl: "NORMAL = FIPSR+sha512" + # CAT2 # RHEL-07-020130 # RHEL-07-020140 From bb562cceef036eb93addb6a39f5166c34bf603af Mon Sep 17 00:00:00 2001 
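Review bot: The `aide config settings NORMAL` state added in PATCH 15/19 only rewrites a `NORMAL = ...` line that is already present and uncommented, so on a host whose /etc/aide.conf has no such line `file.replace` makes no change and still reports success, leaving the sha512 requirement unenforced without any signal. The replacement text also relies on the `FIPSR` group being defined earlier in aide.conf, which nothing in this hunk checks. I would document both assumptions above the state, for example `# no-op if aide.conf has no active NORMAL line; FIPSR must be defined before it`, and tag the state with the STIG rule ID it satisfies, as the `# RHEL-07-...` comments below do for the next section. The DATAONLY state visible in the context lines follows the same pattern and would presumably behave the same way; the rest of the file is outside the hunk.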
From: Nolan Peters Date: Tue, 15 Jan 2019 16:01:41 -0500 Subject: [PATCH 16/19] cat2's complete --- checklist/sunayu_rhel7_v2_r1.ckl | 72 ++++++++++++++++---------------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/checklist/sunayu_rhel7_v2_r1.ckl b/checklist/sunayu_rhel7_v2_r1.ckl index 9b7cec5..b405a24 100644 --- a/checklist/sunayu_rhel7_v2_r1.ckl +++ b/checklist/sunayu_rhel7_v2_r1.ckl @@ -6718,7 +6718,7 @@ clean_requirements_on_remove=1 CCI_REF CCI-002617 - NotAFinding + Not_Reviewed @@ -7735,7 +7735,7 @@ If GIDs referenced in "/etc/passwd" file are returned as not defined in "/etc/gr CCI_REF CCI-000764 - Not_Applicable + Not_Reviewed @@ -11168,7 +11168,7 @@ If a separate entry for the file system/partition that contains the non-privileg CCI_REF CCI-000366 - Not_Applicable + Not_Reviewed @@ -11282,7 +11282,7 @@ If a separate entry for "/var" is not in use, this is a finding.CCI_REF CCI-000366 - Not_Applicable + Not_Reviewed @@ -11399,7 +11399,7 @@ If no result is returned, or "/var/log/audit" is not on a separate file system, CCI_REF CCI-000366 - Not_Applicable + Not_Reviewed @@ -11515,7 +11515,7 @@ If the "tmp.mount" service is not enabled, this is a finding. CCI_REF CCI-000366 - NotAFinding + Not_Reviewed @@ -11836,7 +11836,7 @@ If AIDE is installed, ensure the "acl" rule is present on all uncommented file a CCI_REF CCI-000366 - NotAFinding + Not_Reviewed @@ -11969,7 +11969,7 @@ If AIDE is installed, ensure the "xattrs" rule is present on all uncommented fil CCI_REF CCI-000366 - NotAFinding + Not_Reviewed @@ -20887,7 +20887,7 @@ Add the following line to the top of the /etc/security/limits.conf: CCI_REF CCI-000054 - NotAFinding + Not_Reviewed @@ -24567,7 +24567,7 @@ Start the firewall via "systemctl" with the following command: CCI_REF CCI-000366 - Open + NotAFinding @@ -24685,7 +24685,7 @@ session required pam_lastlog.so showfailed CCI_REF CCI-000366 - NotAFinding + Not_Reviewed 
@@ -25054,7 +25054,7 @@ If the "/etc/resolv.conf" file must be mutable, the required configuration must CCI_REF CCI-000366 - Not_Applicable + Not_Reviewed @@ -26903,7 +26903,7 @@ Ensure the "sec" option is defined as "krb5:krb5i:krb5p". CCI_REF CCI-000366 - Open + Not_Applicable @@ -27172,7 +27172,7 @@ If "firewalld" is not "active", enable "tcpwrappers" by configuring "/etc/hosts. CCI_REF CCI-000366 - Open + NotAFinding @@ -27299,7 +27299,7 @@ If "libreswan" is installed, "IPsec" is active, and an undocumented tunnel is ac CCI_REF CCI-000366 - Open + NotAFinding @@ -27845,7 +27845,7 @@ Modify all of the "cert_policy" lines in "/etc/pam_pkcs11/pam_pkcs11.conf" to in CCI_REF CCI-001954 - Open + NotAFinding @@ -28117,7 +28117,7 @@ Add the setting to lock the session idle delay: CCI_REF CCI-000057 - Open + NotAFinding @@ -28360,7 +28360,7 @@ If no results are returned and use of NFS imported binaries is not documented wi CCI_REF CCI-000366 - Open + Not_Applicable @@ -28478,7 +28478,7 @@ network_failure_action = syslog CCI_REF CCI-001851 - Not_Applicable + NotAFinding @@ -28613,7 +28613,7 @@ The audit daemon must be restarted for the changes to take effect.CCI_REF CCI-002130 - Open + NotAFinding @@ -28748,7 +28748,7 @@ The audit daemon must be restarted for the changes to take effect.CCI_REF CCI-002130 - Open + NotAFinding @@ -28883,7 +28883,7 @@ The audit daemon must be restarted for the changes to take effect.CCI_REF CCI-002130 - Open + NotAFinding @@ -29019,7 +29019,7 @@ The audit daemon must be restarted for the changes to take effect: CCI_REF CCI-002130 - Open + NotAFinding @@ -29273,7 +29273,7 @@ If a wireless interface is configured and its use on the system is not documente CCI_REF CCI-002418 - Open + Not_Applicable @@ -29422,7 +29422,7 @@ Update the system databases: CCI_REF CCI-001954 - Open + Not_Applicable @@ -29551,7 +29551,7 @@ blacklist dccp CCI_REF CCI-001958 - Open + NotAFinding 
@@ -29670,7 +29670,7 @@ ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail --no-block d CCI_REF CCI-000213 - Open + NotAFinding @@ -29799,7 +29799,7 @@ Issue the following command to make the changes take effect: CCI_REF CCI-000366 - Open + NotAFinding @@ -30070,7 +30070,7 @@ The audit daemon must be restarted for the changes to take effect.CCI_REF CCI-000172 - Open + NotAFinding @@ -30202,7 +30202,7 @@ The audit daemon must be restarted for the changes to take effect.CCI_REF CCI-000172 - Open + NotAFinding @@ -30318,7 +30318,7 @@ password substack system-auth CCI_REF CCI-000192 - Open + NotAFinding @@ -30713,7 +30713,7 @@ If no results are returned, this is a finding. CCI_REF CCI-001764 - Open + Not_Reviewed @@ -30834,7 +30834,7 @@ If no results are returned, this is a finding. CCI_REF CCI-001764 - Open + Not_Reviewed @@ -30955,7 +30955,7 @@ If no results are returned, this is a finding. CCI_REF CCI-001764 - Open + Not_Reviewed @@ -31078,7 +31078,7 @@ The audit daemon must be restarted for changes to take effect: CCI_REF CCI-001851 - Open + NotAFinding @@ -31213,7 +31213,7 @@ The audit daemon must be restarted for changes to take effect: CCI_REF CCI-001851 - Open + NotAFinding From 7925c2bb8320abff091da1a2c738151bdb011760 Mon Sep 17 00:00:00 2001 From: Justin McMillion <33045995+justin-sunayu@users.noreply.github.com> Date: Tue, 15 Jan 2019 21:23:38 -0500 Subject: [PATCH 17/19] Update VERSION --- disa_stig7/VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/disa_stig7/VERSION b/disa_stig7/VERSION index 890a1c1..5f8e42b 100644 --- a/disa_stig7/VERSION +++ b/disa_stig7/VERSION @@ -1 +1 @@ -Red Hat 7 STIG - Ver 1, Rel 4 +Red Hat 7 STIG - Ver 2, Rel 1 From 8adc9be32e7c1b6855fdccbc279b22d06b6ed726 Mon Sep 17 00:00:00 2001 
From: Justin McMillion <33045995+justin-sunayu@users.noreply.github.com> Date: Tue, 15 Jan 2019 21:39:53 -0500 Subject: [PATCH 18/19] Update README.md --- disa_stig7/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/disa_stig7/README.md b/disa_stig7/README.md index 4d9961c..e630f5c 100644 --- a/disa_stig7/README.md +++ b/disa_stig7/README.md @@ -2,8 +2,8 @@ This formula is created to enfofce the rhel/centos disa 7 stigs Has been tested on -* RHEL 7.4 -* CentOS 7.4 +* RHEL 7.6 +* CentOS 7.6 Required: From 9ebbdffaeae511b0ada7d72a7dac743606de86f1 Mon Sep 17 00:00:00 2001 From: Justin McMillion <33045995+justin-sunayu@users.noreply.github.com> Date: Tue, 15 Jan 2019 21:47:09 -0500 Subject: [PATCH 19/19] updated aide.sls. need that \n --- disa_stig7/cat2/aide.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/disa_stig7/cat2/aide.sls b/disa_stig7/cat2/aide.sls index 4ae2a06..ec7e123 100644 --- a/disa_stig7/cat2/aide.sls +++ b/disa_stig7/cat2/aide.sls @@ -47,7 +47,7 @@ aide config settings NORMAL: - name: /etc/aide.conf - pattern: | ^NORMAL\s*=.+$ - - repl: "NORMAL = FIPSR+sha512" + - repl: "NORMAL = FIPSR+sha512\n" # CAT2 # RHEL-07-020130
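Review bot: The trailing `\n` added to `repl` in PATCH 19/19 works around the `pattern: |` block scalar, which under YAML's default chomping hands `file.replace` a regex that ends in a newline, so the match presumably swallows the line terminator. That coupling is easy to break on the next edit, and the pattern will not match a `NORMAL` line that is the last line of the file without a trailing newline. A single-line scalar avoids both: `- pattern: '^NORMAL\s*=.+$'` with `- repl: 'NORMAL = FIPSR+sha512'`. If the block scalar stays, a comment such as `# pattern ends in a newline (block scalar), so repl must restore it` would record why the `\n` is there. The state begins above this hunk, so its full definition is not visible here.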