29 lines
555 B
YAML
29 lines
555 B
YAML
---
|
|
|
|
{{ if .Vars.ubtu24cis_level_2 }}
|
|
{{ if .Vars.ubtu24cis_rule_5_2_4 }}
|
|
command:
|
|
nopasswd_sudoers_d:
|
|
title: 5.2.4 | Ensure users must provide password for privilege escalation
|
|
exec: grep -R NOPASSWD /etc/sudoers /etc/sudoers.d/* | grep -v '.*\:#'
|
|
exit-status:
|
|
or:
|
|
- 0
|
|
- 1
|
|
stdout:
|
|
- '!/.*/'
|
|
meta:
|
|
server: 2
|
|
workstation: 2
|
|
CIS_ID:
|
|
- 5.2.4
|
|
CISv8:
|
|
- 5.4
|
|
CISv8_IG1: true
|
|
CISv8_IG2: true
|
|
CISv8_IG3: true
|
|
NIST800-53R5:
|
|
- AC-6
|
|
{{ end }}
|
|
{{ end }}
|