66 lines
1.4 KiB
YAML
66 lines
1.4 KiB
YAML
---
|
|
|
|
{{ if .Vars.ubtu24cis_level_1 }}
|
|
{{ if .Vars.ubtu24cis_config_aide }}
|
|
{{ if .Vars.ubtu24cis_rule_6_3_2 }}
|
|
{{ if eq .Vars.ubtu24cis_aide_scan "cron" }}
|
|
command:
|
|
aide_cron:
|
|
title: 6.3.2 | Ensure filesystem integrity is regularly checked | aide cron
|
|
exit-status:
|
|
or:
|
|
- 0
|
|
- 2
|
|
exec: "grep -rs aide /etc/cron.* /etc/crontab /var/spool/cron/*"
|
|
stdout:
|
|
- '!/^#/'
|
|
meta:
|
|
server: 1
|
|
workstation: 1
|
|
CIS_ID:
|
|
- 6.3.2
|
|
CISv8: 8.5
|
|
CISv8_IG1: false
|
|
CISv8_IG2: true
|
|
CISv8_IG3: true
|
|
NIST800-53R5: NA
|
|
{{ end }}
|
|
service:
|
|
{{ if eq .Vars.ubtu24cis_aide_scan "timer" }}
|
|
aidecheck:
|
|
title: 6.3.2 | Ensure filesystem integrity is regularly checked | aidecheck service
|
|
name: aidecheck.service
|
|
enabled: true
|
|
running: true
|
|
skip: false
|
|
meta:
|
|
server: 1
|
|
workstation: 1
|
|
CIS_ID:
|
|
- 6.3.2
|
|
CISv8: 8.5
|
|
CISv8_IG1: false
|
|
CISv8_IG2: true
|
|
CISv8_IG3: true
|
|
NIST800-53R5: NA
|
|
aidecheck.timer:
|
|
title: 6.3.2 | Ensure filesystem integrity is regularly checked | aidecheck timer
|
|
name: aidecheck.timer
|
|
enabled: true
|
|
running: true
|
|
skip: false
|
|
meta:
|
|
server: 1
|
|
workstation: 1
|
|
CIS_ID:
|
|
- 6.3.2
|
|
CISv8: 8.5
|
|
CISv8_IG1: false
|
|
CISv8_IG2: true
|
|
CISv8_IG3: true
|
|
NIST800-53R5: NA
|
|
{{ end }}
|
|
{{ end }}
|
|
{{ end }}
|
|
{{ end }}
|