Skip to content

Update rules related to /var/log/audit #14286

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
jan-cerny wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

Update rules related to /var/log/audit #14286

jan-cerny wants to merge 3 commits into from

Conversation

@jan-cerny
Copy link
Collaborator

@jan-cerny jan-cerny commented Jan 9, 2026

Fix rules fix_permissions_var_log_audit and directory_permissions_var_log_audit.

This rule description wasn't aligned with OVAL and remediations. There
were product specific conditions that aren't justified. In this commit
the code has been consolidated so that it works the same on all
platforms. Inconsistencies have been removed and clarified. Ansible
remediation has been simplified and aligned with the Bash remediation.
Finally, test scenarios have been reworked.

Resolves: https://issues.redhat.com/browse/RHEL-138549

@jan-cerny
Update rule directory_permissions_var_log_audit
eacac80 
This rule description wasn't aligned with OVAL and remediations. There
were product specific conditions that aren't justified. In this commit
the code has been consolidated so that it works the same on all
platforms. Inconsistencies have been removed and clarified. Special OVAL
for SLES 15 has been merged into the generic OVAL. Ansible remediation
has been simplified and aligned with the Bash remediation. Finally, all
test scenarios have been reworked.

Resolves: https://issues.redhat.com/browse/RHEL-138549
@jan-cerny jan-cerny added this to the 0.1.80 milestone Jan 9, 2026
@jan-cerny jan-cerny added the bugfix Fixes to reported bugs. label Jan 9, 2026
@openshift-ci
Copy link

openshift-ci bot commented Jan 9, 2026

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Used by openshift-ci bot. label Jan 9, 2026
@jan-cerny
Update rule file_permissions_var_log_audit
445b25f 
This rule description wasn't aligned with OVAL and remediations. There
were product specific conditions that aren't justified. In this commit
the code has been consolidated so that it works the same on all
platforms. Inconsistencies have been removed and clarified. Ansible
remediation has been simplified and aligned with the Bash remediation.
Finally, test scenarios have been reworked.

Resolves: https://issues.redhat.com/browse/RHEL-138549
@github-actions
Copy link

github-actions bot commented Jan 9, 2026
edited
Loading

ATEX Test Results

Test artifacts have been submitted to Testing Farm.

Results: View Test Results
Workflow Run: View Workflow Details

This comment was automatically generated by the ATEX workflow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matusmarhefka matusmarhefka Awaiting requested review from matusmarhefka matusmarhefka will be requested when the pull request is marked ready for review matusmarhefka is a code owner

@Mab879 Mab879 Awaiting requested review from Mab879 Mab879 will be requested when the pull request is marked ready for review Mab879 is a code owner

@vojtapolasek vojtapolasek Awaiting requested review from vojtapolasek vojtapolasek will be requested when the pull request is marked ready for review vojtapolasek is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bugfix Fixes to reported bugs. do-not-merge/work-in-progress Used by openshift-ci bot.

Projects

None yet

Milestone

0.1.80

Development

Successfully merging this pull request may close these issues.

1 participant

@jan-cerny