UBUNTU24-CIS

Commit Graph

Author	SHA1	Message	Date
Mark Bolwell	39507838e6	added workaround for ssh-server patching breaks /run/ssh Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-21 11:15:52 +00:00
Mark Bolwell	0835a05b08	reset 5.1.1 settings Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-21 11:13:47 +00:00
Mark Bolwell	345928b74f	updated 5.1.1 logic for ec2 image Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-21 09:45:33 +00:00
Mark Bolwell	39efaecdd2	Added updated for 5.1.1 to ignore ec2 based ssh config perms change Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-20 17:09:21 +00:00
Mark Bolwell	764b0eaa63	removed tag typo in 5.1.7 #20 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-20 09:56:37 +00:00
Mark Bolwell	5553ddb0a8	updated rules for 4.4.x.x thanks to issue #19 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-20 09:52:24 +00:00
Mark Bolwell	dae6f8ab9f	issue #12 addressed moduel update thanks to @VitaliySynytskyi Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-14 11:59:54 +00:00
Mark Bolwell	fdcee67e0a	addressed #15 thanks tou @WhiteRoseLK Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-14 11:58:46 +00:00
Mark Bolwell	2bb9240aae	addressed #9 thanks to @kerjox Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-02-14 11:28:10 +00:00
Shawn Hardwick	9a2a7ad96f	If prelim_auditd_logfile does not evaluate, check mode will fail on rule 6.2.4.3 with 'file () is absent, cannot continue' error Signed-off-by: Shawn Hardwick <time4swim@gmail.com>	2025-02-05 12:54:03 -05:00
Shawn Hardwick	4af134cd74	Update rule 5.4.1.5 to use shell task which supports pipes instead of command task; previously this would silently fail Signed-off-by: Shawn Hardwick <time4swim@gmail.com>	2025-02-05 12:54:03 -05:00
Shawn Hardwick	1cf3c4d58b	Update regexp for rule 2.1.21 to be more strict when updating line in file; allows task to be idempotent with itself Signed-off-by: Shawn Hardwick <time4swim@gmail.com>	2025-02-05 12:54:03 -05:00
Shawn Hardwick	8a38650658	Add ignore_apt_update_changed_when default variable to allow users to specify changed_when behavior of apt update task; allows for idempotency checks (like Molecule) Signed-off-by: Shawn Hardwick <time4swim@gmail.com>	2025-02-05 12:53:49 -05:00
Mark Bolwell	043fb4451b	Added auditd arm compatibility thanks to @arousseau-coveo for the excellent work Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-28 10:53:33 +00:00
Mark Bolwell	bba53315f2	moved apt update order to assist with audit Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-21 08:07:27 +00:00
Mark Bolwell	5de8d4c558	Added optional logrotate install and variable, improved 6.1.3.8 logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 15:33:10 +00:00
Mark Bolwell	d190c51fa4	Updated since ubuntu removes unncessary time pkgs Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 14:00:34 +00:00
Mark Bolwell	e69c18fa1c	improved audit handler and related rules Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 13:16:56 +00:00
Mark Bolwell	6e78559776	tidy up grub/bootloader logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 12:40:06 +00:00
Mark Bolwell	18152bc17d	fix conditional for snap/squashfs Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 12:39:13 +00:00
Mark Bolwell	cc307541a9	5.4.3.3 updated to add profile script Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 12:37:54 +00:00
Mark Bolwell	9709aa503b	5.4.3.2 updated permissions Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 09:27:23 +00:00
Mark Bolwell	3c62843418	fixed file permissions 2.3.2.1 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 09:05:37 +00:00
Mark Bolwell	c129cf0552	removed mask section u24 now removes time package not used automatically Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 09:03:01 +00:00
Mark Bolwell	3e92d4b54b	fixed permissions 5.4.3.2 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-10 08:40:32 +00:00
Mark Bolwell	08987aca24	fixed quotes on line25 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2025-01-07 18:20:54 +00:00
Mark Bolwell	f77befa17e	lint mode update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 11:50:29 +00:00
Mark Bolwell	cd84a2930d	updated variable name Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 10:23:16 +00:00
Mark Bolwell	b2cded315b	Updated mountpoint vars correctly Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-11 10:10:14 +00:00
Mark Bolwell	4f5a3f7c8d	Update to mounts section1 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-10 12:07:31 +00:00
Mark Bolwell	342489f4d9	lint update Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-10 12:07:14 +00:00
Mark Bolwell	e7d6d56fb9	lint updated spacing and multiple improvements Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-12-06 14:16:39 +00:00
Mark Bolwell	a22741daa9	idempotent improvements, var fixes Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-26 08:06:51 +01:00
Mark Bolwell	1f90fef6dd	Updated thanks to @mathf Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-26 07:45:02 +01:00
Mark Bolwell	c090ca580e	lint updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 09:15:31 +01:00
Mark Bolwell	8e3457ee3c	blank lines removed Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 09:10:37 +01:00
Mark Bolwell	717d64851c	added improvement to 5.2.4 Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 09:10:23 +01:00
Mark Bolwell	07c2ef5427	Initial Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>	2024-09-05 08:36:16 +01:00

38 Commits