Rule file_permissions_etc_audit_rulesd fails after remediation #12766
Assignees
Labels
productization-issue
Issue found in upstream stabilization process.
RHEL8
Red Hat Enterprise Linux 8 product related.
RHEL9
Red Hat Enterprise Linux 9 product related.
RHEL10
Red Hat Enterprise Linux 10 product related.
Milestone
Comments
jan-cerny
added
productization-issue
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description of problem:
During daily productization review today we have discovered that rule file_permissions_etc_audit_rulesd fails after remediation.
It fails in these tests:
Also, the rule is reported as misaligned with DISA with this note: SSG result: fail, DISA result: pass.
SCAP Security Guide Version:
Current upstream master branch as of 2024-02-01 as of HEAD 8cb84dc.
Operating System Version:
8 RHEL-8.10.0-updates-20241228.1
9 RHEL-9.6.0-20241231.2
10 RHEL-10.0-20241220.0
Steps to Reproduce:
no
Actual Results:
Files
/etc/audit/rules.d/delete.rulesand/etc/audit/rules.d/modules.ruleshave permissions 0640 but the expected permissions are 0600.Expected Results:
rule passes and aforementioned tests pass
Additional Information/Debugging Steps:
Investigate if it's related to recent PR #12737.
The text was updated successfully, but these errors were encountered: