Skip to content

Move to /bin/false for disabling kernel modules #11475

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
marcusburghardt merged 1 commit into from
Jan 25, 2024
Merged

Move to /bin/false for disabling kernel modules #11475

marcusburghardt merged 1 commit into from
Jan 25, 2024

Conversation

@Mab879
Copy link
Member

@Mab879 Mab879 commented Jan 24, 2024

Description:

Move to /bin/false for disabling kernel modules.

Rationale:

It makes better error messages and follows vendor guidance.
The OVAL accepts both.

The STIG for RHEL, and OL, Ubuntu all use this format.

@Mab879
Move to /bin/false for disabling kernel modules
b4ba631 
It makes better error messages and follows vendor guidance.
@Mab879 Mab879 added the Update Rule Issues or pull requests related to Rules updates. label Jan 24, 2024
@Mab879 Mab879 added this to the 0.1.72 milestone Jan 24, 2024
@github-actions
Copy link

github-actions bot commented Jan 24, 2024

Start a new ephemeral environment with changes proposed in this pull request:

Fedora Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@qlty-cloud-legacy
Copy link

qlty-cloud-legacy bot commented Jan 24, 2024

Code Climate has analyzed commit b4ba631 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 58.5% (0.0% change).

View more on Code Climate.

@Mab879 Mab879 added Ansible Ansible remediation update. Bash Bash remediation update. labels Jan 25, 2024
@Mab879 Mab879 mentioned this pull request Jan 25, 2024
Merged
marcusburghardt
marcusburghardt approved these changes Jan 25, 2024
View reviewed changes
Copy link
Member

@marcusburghardt marcusburghardt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great. CIS also has a preference for /bin/false.

@marcusburghardt marcusburghardt merged commit 51d5554 into ComplianceAsCode:master Jan 25, 2024
@marcusburghardt marcusburghardt self-assigned this Jan 25, 2024
@Mab879 Mab879 deleted the update_rhel_kernel_disable branch January 25, 2024 15:49
@mpurg mpurg mentioned this pull request Jan 26, 2024
Merged
@marcusburghardt marcusburghardt mentioned this pull request Jan 30, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marcusburghardt marcusburghardt marcusburghardt approved these changes

Assignees

@marcusburghardt marcusburghardt

Labels

Ansible Ansible remediation update. Bash Bash remediation update. Update Rule Issues or pull requests related to Rules updates.

Projects

None yet

Milestone

0.1.72

Development

Successfully merging this pull request may close these issues.

2 participants

@Mab879 @marcusburghardt