colin
/
UBUNTU24-CIS-Audit
mirror of https://github.com/ansible-lockdown/UBUNTU24-CIS-Audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8 from ansible-lockdown/meta_fixes 

meta updates
This commit is contained in:
uk-bolly 2025-01-21 16:17:21 +00:00 committed by GitHub
parent 171b97c379 0903a24e2b
commit 66ae34de32
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
section_1/cis_1.5/cis_1.5.2.yml
View File

@ -10,7 +10,7 @@ kernel-param:
server: 1 server: 1
workstation: 1 workstation: 1
CIS_ID: CIS_ID:
- 1.5.1 - 1.5.2
CISv8: 10.5 CISv8: 10.5
CISv8_IG1: false CISv8_IG1: false
CISv8_IG2: true CISv8_IG2: true
@ -18,7 +18,7 @@ kernel-param:
NIST800-53R5: CM-6 NIST800-53R5: CM-6
command: command:
ptrace_restrict_2: ptrace_restrict_2:
title: 1.5.1 | Ensure ptrace_scope is restricted | sysctl_configured title: 1.5.2 | Ensure ptrace_scope is restricted | sysctl_configured
exit-status: exit-status:
or: or:
- 0 - 0
@ -30,7 +30,7 @@ command:
server: 1 server: 1
workstation: 1 workstation: 1
CIS_ID: CIS_ID:
- 1.5.1 - 1.5.2
CISv8: 10.5 CISv8: 10.5
CISv8_IG1: false CISv8_IG1: false
CISv8_IG2: true CISv8_IG2: true

2
section_3/cis_3.3/cis_3.3.6.yml
View File

@ -27,7 +27,7 @@ kernel-param:
server: 1 server: 1
workstation: 1 workstation: 1
CIS_ID: CIS_ID:
- 3.2.6 - 3.3.6
CISv8: CISv8:
- 4.8 - 4.8
CISv8_IG1: false CISv8_IG1: false

2
section_3/cis_3.3/cis_3.3.8.yml
View File

@ -8,7 +8,7 @@ kernel-param:
server: 1 server: 1
workstation: 1 workstation: 1
CIS_ID: CIS_ID:
- 3.3.1 - 3.3.8
CISv8: CISv8:
- 4.8 - 4.8
CISv8_IG1: false CISv8_IG1: false

2
section_5/cis_5.1/cis_5.1.13.yml
View File

@ -4,7 +4,7 @@
{{ if .Vars.ubtu24cis_rule_5_1_13 }} {{ if .Vars.ubtu24cis_rule_5_1_13 }}
file: file:
ssh_logingrace: ssh_logingrace:
title: 5.1.21 | Ensure sshd LoginGraceTime is configured title: 5.1.13 | Ensure sshd LoginGraceTime is configured
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config
exists: true exists: true
contents: contents:

2
section_5/cis_5.1/cis_5.1.2.yml
View File

@ -12,7 +12,7 @@ command:
server: 1 server: 1
workstation: 1 workstation: 1
CIS_ID: CIS_ID:
- 5.1.3 - 5.1.2
CISv8: CISv8:
- 3.3 - 3.3
CISv8_IG1: true CISv8_IG1: true

2
section_5/cis_5.3.3.2/cis_5.3.3.2.8.yml
View File

@ -17,7 +17,7 @@ command:
server: 1 server: 1
workstation: 1 workstation: 1
CIS_ID: CIS_ID:
- 5.3.3.2.7 - 5.3.3.2.8
CISv8: CISv8:
- 5.2 - 5.2
CISv8_IG1: true CISv8_IG1: true

2
section_6/cis_6.2.3/cis_6.2.3.14.yml
View File

@ -25,7 +25,7 @@ command:
- AU-3 - AU-3
- CM-6 - CM-6
auditd_MAC_live: auditd_MAC_live:
title: 6.2.6 | Ensure events that modify the system's Mandatory Access Controls are collected | Live title: 6.2.3.14 | Ensure events that modify the system's Mandatory Access Controls are collected | Live
exec: auditctl -l | grep MAC-policy exec: auditctl -l | grep MAC-policy
exit-status: 0 exit-status: 0
stdout: stdout:

2
section_6/cis_6.2.3/cis_6.2.3.19.yml
View File

@ -33,6 +33,8 @@ command:
meta: meta:
server: 2 server: 2
workstation: 2 workstation: 2
CIS_ID:
- 6.2.3.19
CISv8: CISv8:
- 8.5 - 8.5
CISv8_IG1: false CISv8_IG1: false