Skip to content

Refactor ubuntu oval for audit_rules_networkconfig_modification #12722

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dodys merged 2 commits into from
Dec 17, 2024
Merged

Refactor ubuntu oval for audit_rules_networkconfig_modification #12722

dodys merged 2 commits into from
Dec 17, 2024

Conversation

@mpurg
Copy link
Contributor

@mpurg mpurg commented Dec 16, 2024

Description:

  • Refactor ubuntu oval for audit_rules_networkconfig_modification
  • Add rules to Ubuntu 24.04 CIS v1 control 6.2.3.5

Rationale:

  • use loops to avoid duplicated code
  • add '/etc/netplan/' check for Ubuntu 24.04 CIS

mpurg added 2 commits December 16, 2024 11:14
@mpurg
Refactor ubuntu oval for audit_rules_networkconfig_modification
cf17df9 
- use loops to avoid duplicated code
- add '/etc/netplan/' check for Ubuntu 24.04 CIS
@mpurg
Add rules to ubuntu2404 CIS control 6.2.3.5
dacb7b9
@mpurg mpurg requested a review from a team as a code owner December 16, 2024 10:53
@openshift-ci openshift-ci bot added the needs-ok-to-test Used by openshift-ci bot. label Dec 16, 2024
@openshift-ci
Copy link

openshift-ci bot commented Dec 16, 2024

Hi @mpurg. Thanks for your PR.

I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@github-actions
Copy link

github-actions bot commented Dec 16, 2024

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment)
Open in Gitpod

Fedora Testing Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@github-actions
Copy link

github-actions bot commented Dec 16, 2024

This datastream diff is auto generated by the check Compare DS/Generate Diff

Click here to see the full diff 
New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification'.
--- xccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification
+++ xccdf_org.ssgproject.content_rule_audit_rules_networkconfig_modification
@@ -12,6 +12,7 @@
 -w /etc/issue -p wa -k audit_rules_networkconfig_modification
 -w /etc/issue.net -p wa -k audit_rules_networkconfig_modification
 -w /etc/hosts -p wa -k audit_rules_networkconfig_modification
+
 -w /etc/sysconfig/network -p wa -k audit_rules_networkconfig_modification
 
 If the auditd daemon is configured to use the auditctl

@qlty-cloud-legacy
Copy link

qlty-cloud-legacy bot commented Dec 16, 2024

Code Climate has analyzed commit dacb7b9 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 60.9% (0.0% change).

View more on Code Climate.

@dodys dodys self-assigned this Dec 16, 2024
@dodys dodys added OVAL OVAL update. Related to the systems assessments. Ubuntu Ubuntu product related. CIS CIS Benchmark related. Update Profile Issues or pull requests related to Profiles updates. labels Dec 16, 2024
@dodys dodys added this to the 0.1.76 milestone Dec 16, 2024
dodys
dodys approved these changes Dec 17, 2024
View reviewed changes
Copy link
Contributor

@dodys dodys left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, thanks!

@dodys dodys merged commit dfe3b6f into ComplianceAsCode:master Dec 17, 2024
95 of 98 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dodys dodys dodys approved these changes

Assignees

@dodys dodys

Labels

CIS CIS Benchmark related. needs-ok-to-test Used by openshift-ci bot. OVAL OVAL update. Related to the systems assessments. Ubuntu Ubuntu product related. Update Profile Issues or pull requests related to Profiles updates.

Projects

None yet

Milestone

0.1.76

Development

Successfully merging this pull request may close these issues.

2 participants

@mpurg @dodys