Skip to content

Commit

Permalink
add EL9 support
Browse files Browse the repository at this point in the history
  • Loading branch information
@jhoblitt
jhoblitt committed Aug 22, 2023
1 parent 773fd48 commit 2ee7b64
Show file tree
Hide file tree
Showing 5 changed files with 180 additions and 5 deletions.
57 changes: 57 additions & 0 deletions data/os/AlmaLinux-9.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
---
# Default to auditd version 3 settings
auditd::plugin_dir: '/etc/audit/plugins.d'
auditd::config::audisp::syslog::type: 'always'
auditd::config::audisp::syslog::syslog_path: '/sbin/audisp-syslog'
auditd::config::audisp::syslog::pkg_name: 'audispd-plugins'

auditd::config::audit_profiles::stig::default_suid_sgid_cmds:
- "/usr/bin/at"
- "/usr/bin/chage"
- "/usr/bin/chcon"
- "/usr/bin/chfn"
- "/usr/bin/chsh"
- "/usr/bin/crontab"
- "/usr/bin/fusermount"
- "/usr/bin/gpasswd"
- "/usr/bin/incrontab"
- "/usr/bin/ksu"
- "/usr/bin/locate"
- "/usr/bin/mount"
- "/usr/bin/newgidmap"
- "/usr/bin/newgrp"
- "/usr/bin/newuidmap"
- "/usr/bin/passwd"
- "/usr/bin/pkexec"
- "/usr/bin/screen"
- "/usr/bin/ssh-agent"
- "/usr/bin/su"
- "/usr/bin/sudo"
- "/usr/bin/sudoedit"
- "/usr/bin/umount"
- "/usr/bin/wall"
- "/usr/bin/write"
- "/usr/bin/Xorg"
- "/usr/lib64/dbus-1/dbus-daemon-launch-helper"
- "/usr/libexec/dbus-1/dbus-daemon-launch-helper"
- "/usr/libexec/openssh/ssh-keysign"
- "/usr/libexec/pt_chown"
- "/usr/libexec/sssd/krb5_child"
- "/usr/libexec/sssd/ldap_child"
- "/usr/libexec/sssd/proxy_child"
- "/usr/libexec/sssd/selinux_child"
- "/usr/libexec/utempter/utempter"
- "/usr/lib/polkit-1/polkit-agent-helper-1"
- "/usr/sbin/mount.nfs"
- "/usr/sbin/netreport"
- "/usr/sbin/pam_timestamp_check"
- "/usr/sbin/postdrop"
- "/usr/sbin/postqueue"
- "/usr/sbin/restorecon"
- "/usr/sbin/semanage"
- "/usr/sbin/setfiles"
- "/usr/sbin/setsebool"
- "/usr/sbin/seunshare"
- "/usr/sbin/unix_chkpwd"
- "/usr/sbin/userhelper"
- "/usr/sbin/usernetctl"
57 changes: 57 additions & 0 deletions data/os/CentOS-9.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
---
# Default to auditd version 3 settings
auditd::plugin_dir: '/etc/audit/plugins.d'
auditd::config::audisp::syslog::type: 'always'
auditd::config::audisp::syslog::syslog_path: '/sbin/audisp-syslog'
auditd::config::audisp::syslog::pkg_name: 'audispd-plugins'

auditd::config::audit_profiles::stig::default_suid_sgid_cmds:
- "/usr/bin/at"
- "/usr/bin/chage"
- "/usr/bin/chcon"
- "/usr/bin/chfn"
- "/usr/bin/chsh"
- "/usr/bin/crontab"
- "/usr/bin/fusermount"
- "/usr/bin/gpasswd"
- "/usr/bin/incrontab"
- "/usr/bin/ksu"
- "/usr/bin/locate"
- "/usr/bin/mount"
- "/usr/bin/newgidmap"
- "/usr/bin/newgrp"
- "/usr/bin/newuidmap"
- "/usr/bin/passwd"
- "/usr/bin/pkexec"
- "/usr/bin/screen"
- "/usr/bin/ssh-agent"
- "/usr/bin/su"
- "/usr/bin/sudo"
- "/usr/bin/sudoedit"
- "/usr/bin/umount"
- "/usr/bin/wall"
- "/usr/bin/write"
- "/usr/bin/Xorg"
- "/usr/lib64/dbus-1/dbus-daemon-launch-helper"
- "/usr/libexec/dbus-1/dbus-daemon-launch-helper"
- "/usr/libexec/openssh/ssh-keysign"
- "/usr/libexec/pt_chown"
- "/usr/libexec/sssd/krb5_child"
- "/usr/libexec/sssd/ldap_child"
- "/usr/libexec/sssd/proxy_child"
- "/usr/libexec/sssd/selinux_child"
- "/usr/libexec/utempter/utempter"
- "/usr/lib/polkit-1/polkit-agent-helper-1"
- "/usr/sbin/mount.nfs"
- "/usr/sbin/netreport"
- "/usr/sbin/pam_timestamp_check"
- "/usr/sbin/postdrop"
- "/usr/sbin/postqueue"
- "/usr/sbin/restorecon"
- "/usr/sbin/semanage"
- "/usr/sbin/setfiles"
- "/usr/sbin/setsebool"
- "/usr/sbin/seunshare"
- "/usr/sbin/unix_chkpwd"
- "/usr/sbin/userhelper"
- "/usr/sbin/usernetctl"
57 changes: 57 additions & 0 deletions data/os/Rocky-9.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
---
# Default to auditd version 3 settings
auditd::plugin_dir: '/etc/audit/plugins.d'
auditd::config::audisp::syslog::type: 'always'
auditd::config::audisp::syslog::syslog_path: '/sbin/audisp-syslog'
auditd::config::audisp::syslog::pkg_name: 'audispd-plugins'

auditd::config::audit_profiles::stig::default_suid_sgid_cmds:
- "/usr/bin/at"
- "/usr/bin/chage"
- "/usr/bin/chcon"
- "/usr/bin/chfn"
- "/usr/bin/chsh"
- "/usr/bin/crontab"
- "/usr/bin/fusermount"
- "/usr/bin/gpasswd"
- "/usr/bin/incrontab"
- "/usr/bin/ksu"
- "/usr/bin/locate"
- "/usr/bin/mount"
- "/usr/bin/newgidmap"
- "/usr/bin/newgrp"
- "/usr/bin/newuidmap"
- "/usr/bin/passwd"
- "/usr/bin/pkexec"
- "/usr/bin/screen"
- "/usr/bin/ssh-agent"
- "/usr/bin/su"
- "/usr/bin/sudo"
- "/usr/bin/sudoedit"
- "/usr/bin/umount"
- "/usr/bin/wall"
- "/usr/bin/write"
- "/usr/bin/Xorg"
- "/usr/lib64/dbus-1/dbus-daemon-launch-helper"
- "/usr/libexec/dbus-1/dbus-daemon-launch-helper"
- "/usr/libexec/openssh/ssh-keysign"
- "/usr/libexec/pt_chown"
- "/usr/libexec/sssd/krb5_child"
- "/usr/libexec/sssd/ldap_child"
- "/usr/libexec/sssd/proxy_child"
- "/usr/libexec/sssd/selinux_child"
- "/usr/libexec/utempter/utempter"
- "/usr/lib/polkit-1/polkit-agent-helper-1"
- "/usr/sbin/mount.nfs"
- "/usr/sbin/netreport"
- "/usr/sbin/pam_timestamp_check"
- "/usr/sbin/postdrop"
- "/usr/sbin/postqueue"
- "/usr/sbin/restorecon"
- "/usr/sbin/semanage"
- "/usr/sbin/setfiles"
- "/usr/sbin/setsebool"
- "/usr/sbin/seunshare"
- "/usr/sbin/unix_chkpwd"
- "/usr/sbin/userhelper"
- "/usr/sbin/usernetctl"
12 changes: 8 additions & 4 deletions metadata.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,14 +45,16 @@
"operatingsystem": "CentOS",
"operatingsystemrelease": [
"7",
"8"
"8",
"9"
]
},
{
"operatingsystem": "RedHat",
"operatingsystemrelease": [
"7",
"8"
"8",
"9"
]
},
{
Expand All @@ -65,13 +67,15 @@
{
"operatingsystem": "AlmaLinux",
"operatingsystemrelease": [
"8"
"8",
"9"
]
},
{
"operatingsystem": "Rocky",
"operatingsystemrelease": [
"8"
"8",
"9"
]
}
],
Expand Down
2 changes: 1 addition & 1 deletion spec/classes/config_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -250,7 +250,7 @@
:content => complete_content + "\n"
})

if (facts[:auditd_major_version].nil? && (facts[:os][:release][:major] == '8')) ||
if (facts[:auditd_major_version].nil? && (facts[:os][:release][:major] >= '8')) ||
(facts[:auditd_major_version] == '3')
is_expected.to contain_file('/etc/audit/auditd.conf').with_content(%r(^local_events = .*$))
else
Expand Down

0 comments on commit 2ee7b64

Please sign in to comment.