Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some tags and three task names are wrong #27

Open
bgro opened this issue Feb 19, 2025 · 0 comments · May be fixed by #28
Open

Some tags and three task names are wrong #27

bgro opened this issue Feb 19, 2025 · 0 comments · May be fixed by #28
Labels
bug Something isn't working

Comments

@bgro
Copy link

bgro commented Feb 19, 2025

Have you checked ReadtheDocs?:
yes

Describe the Issue
A few of the tags and one task-name are wrong (i.e., they do not correspond to the CIS ID/rule that is implemented by the task), namely

Inconsistency in '1/.1 | PATCH | Ensure /var/log is a separate partition'      
         between rule id(s) in title, tags and when:                                                              
         title: []                                                                                                
         tags: ('1.1.2.6.1',)                                                                                     
         when: ('1.1.2.6.1',)                                                                                     
Inconsistency in '1/.1 | PATCH | Ensure /var/log/audit is a separate partition'
         between rule id(s) in title, tags and when:                                                              
         title: []                                                                                                
         tags: ('1.1.2.7.1',)                                                                                     
         when: ('1.1.2.7.1',)                                                                                     
Inconsistency in '2.1.7 | PATCH | Ensure ldap server services are not in use | 
         Remove package' between rule id(s) in title, tags and when:                                              
         title: ['2.1.7']                                                                                         
         tags: ('2.1.6',)                                                                                         
         when: ('2.1.7',)                                                                                         
Inconsistency in '2.1.7 | PATCH | Ensure ldap server services are not in use | 
         Mask service' between rule id(s) in title, tags and when:                                                
         title: ['2.1.7']                                                                                         
         tags: ('2.1.6',)                                                                                         
         when: ('2.1.7',)                                                                                         
Inconsistency in '2.1.7 | PATCH | Ensure ldap server services are not in use'  
         between rule id(s) in title, tags and when:                                                              
         title: ['2.1.7']                                                                                         
         tags: ('2.1.6',)                                                                                         
         when: ('2.1.7',)                                                                                         
Inconsistency in '3.2.1 | PATCH | Ensure dccp kernel module is not available | 
         blacklist' between rule id(s) in title, tags and when:                                                   
         title: ['3.2.1']                                                                                         
         tags: ('3.1.2',)                                                                                         
         when: ('3.1.2',)   
Inconsistency in '5.3.3.3.3 | AUDIT | Ensure pam_pwhistory includes use_authtok
         | Check existing files' between rule id(s) in title, tags and when:                                      
         title: ['5.3.3.3.3']                                                                                     
         tags: ('5.3.3.3.2',)                                                                                     
         when: ('5.3.3.3.3',)                                                                                     
Inconsistency in '5.3.3.3.3 | PATCH | Ensure pam_pwhistory includes use_authtok
         | Ensure remember is set' between rule id(s) in title, tags and when:                                    
         title: ['5.3.3.3.3']                                                                                     
         tags: ('5.3.3.3.2',)                                                                                     
         when: ('5.3.3.3.3',)                                                                                     
Inconsistency in '5.3.3.3.3 | PATCH | Ensure pam_pwhistory includes            
         use_authtok' between rule id(s) in title, tags and when:                                                 
         title: ['5.3.3.3.3']                                                                                     
         tags: ('5.3.3.3.2',)                                                                                     
         when: ('5.3.3.3.3',)                                                                                     
Inconsistency in '5.4.2.3 | AUDIT | Ensure group root is the only GID 0 group |
         Get groups with gid 0' between rule id(s) in title, tags and when:                                       
         title: ['5.4.2.3']                                                                                       
         tags: ('5.4.2.2',)                                                                                       
         when: ('5.4.2.3',)                                                                                       
Inconsistency in '5.4.2.3 | AUDIT | Ensure group root is the only GID 0 group |
         Warning if others gid 0 groups' between rule id(s) in title, tags and when:                              
         title: ['5.4.2.3']                                                                                       
         tags: ('5.4.2.2',)                                                                                       
         when: ('5.4.2.3',)                                                                                       
Inconsistency in '5.4.2.3 | AUDIT | Ensure group root is the only GID 0 group' 
         between rule id(s) in title, tags and when:                                                              
         title: ['5.4.2.3']                                                                                       
         tags: ('5.4.2.2',)                                                                                       
         when: ('5.4.2.3',)                                                                                       
Inconsistency in '7.2.4 | AUDIT | Ensure shadow group is empty | check users in
         group' between rule id(s) in title, tags and when:                                                       
         title: ['7.2.4']                                                                                         
         tags: ('6.2.4',)                                                                                         
         when: ('7.2.4',)                                                                                         
Inconsistency in '7.2.4 | AUDIT | Ensure shadow group is empty | check users in
         group' between rule id(s) in title, tags and when:                                                       
         title: ['7.2.4']                                                                                         
         tags: ('6.2.4',)                                                                                         
         when: ('7.2.4',)                                                                                         
Inconsistency in '7.2.4 | PATCH | Ensure shadow group is empty' between rule   
         id(s) in title, tags and when:                                                                           
         title: ['7.2.4']                                                                                         
         tags: ('6.2.4',)                                                                                         
         when: ('7.2.4',)

Expected Behavior

There should not be these inconsistencies.

Actual Behavior
n/a

Control(s) Affected
See above

Environment (please complete the following information):

  • branch being used: devel

Additional Notes
Anything additional goes here

Possible Solution
I will open a PR.
@bgro bgro added the bug Something isn't working label Feb 19, 2025
@bgro bgro linked a pull request Feb 19, 2025 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Some tags and three task names are wrong siemens/DEBIAN12-CIS
1 participant
@bgro