From e9c38b6f0abe160c5737ddd31538d3b296ec6d7a Mon Sep 17 00:00:00 2001 From: svet-se Date: Wed, 7 Aug 2024 16:32:59 +0300 Subject: [PATCH] add rule audit_rules_usergroup_modification_opasswd to slmicro5 stig profile --- controls/stig_slmicro5.yml | 5 +++-- .../audit_rules_usergroup_modification_opasswd/rule.yml | 1 + shared/references/cce-slmicro5-avail.txt | 1 - 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/controls/stig_slmicro5.yml b/controls/stig_slmicro5.yml index ab9f1724868a..674f4888d8d9 100644 --- a/controls/stig_slmicro5.yml +++ b/controls/stig_slmicro5.yml @@ -1607,8 +1607,9 @@ controls: title: SLEM 5 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. - rules: [] - status: pending + rules: + - audit_rules_usergroup_modification_opasswd + status: automated - id: SLEM-05-654140 levels: diff --git a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml index 90c7bf27f5ed..3d804044e64a 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -33,6 +33,7 @@ identifiers: cce@rhel10: CCE-90664-4 cce@sle12: CCE-83123-0 cce@sle15: CCE-85728-4 + cce@slmicro5: CCE-93659-1 references: cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9 diff --git a/shared/references/cce-slmicro5-avail.txt b/shared/references/cce-slmicro5-avail.txt index 6e5934a48a72..39ad264a1242 100644 --- a/shared/references/cce-slmicro5-avail.txt +++ b/shared/references/cce-slmicro5-avail.txt @@ -16,7 +16,6 @@ CCE-93638-5 CCE-93639-3 CCE-93640-1 CCE-93641-9 -CCE-93659-1 CCE-93660-9 CCE-93661-7 CCE-93662-5