From dbf6e30e81d1ae94b43313248faff17a1e0c5386 Mon Sep 17 00:00:00 2001
From: Eric Berry
Date: Tue, 10 Dec 2024 14:59:07 -0800
Subject: [PATCH 1/3] Ubuntu 24.04 1.3.1.1 Ensure AppArmor is installed
---
 components/apparmor.yml | 1 +
 controls/cis_ubuntu2404.yml | 8 ++++----
 .../package_apparmor-utils_installed/rule.yml | 17 +++++++++++++++++
 3 files changed, 22 insertions(+), 4 deletions(-)
 create mode 100644 linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml
diff --git a/components/apparmor.yml b/components/apparmor.yml
index 1bdf6b5fe86..9f2e000260e 100644
--- a/components/apparmor.yml
+++ b/components/apparmor.yml
@@ -10,4 +10,5 @@ rules:
 - apparmor_configured
 - grub2_enable_apparmor
 - package_apparmor_installed
+- package_apparmor-utils_installed
 - package_pam_apparmor_installed
diff --git a/controls/cis_ubuntu2404.yml b/controls/cis_ubuntu2404.yml
index 74a2cee01e6..f33a15a7d6a 100644
--- a/controls/cis_ubuntu2404.yml
+++ b/controls/cis_ubuntu2404.yml
@@ -368,11 +368,11 @@ controls:
 levels:
 - l1_server
 - l1_workstation
- related_rules:
+ rules:
 - package_apparmor_installed
- status: planned
- notes: TODO. Partial/incorrect implementation exists.See related rules. Analogous to ubuntu2204/1.6.1.1.
-
+ - package_apparmor-utils_installed
+ status: automated
+
 - id: 1.3.1.2
 title: Ensure AppArmor is enabled in the bootloader configuration (Automated)
 levels:
diff --git a/linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml b/linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml
new file mode 100644
index 00000000000..51b4d38de4f
--- /dev/null
+++ b/linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml
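Review bot: Control 1.3.1.1 in the controls/cis_ubuntu2404.yml hunk of patch 1/3 is flipped to `status: automated` while the old note, which said a partial or incorrect implementation exists, is deleted without explanation. The only visible change is the extra `package_apparmor-utils_installed` rule, so presumably the missing utils check was the gap; a replacement such as `notes: Requires both the apparmor and apparmor-utils packages.` would record why a pass on this control can now be trusted. The blank separator before `- id: 1.3.1.2` is removed and re-added, which suggests a whitespace-only difference; if the new line carries trailing spaces, leave it empty. The control entry starts above the hunk.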
@@ -0,0 +1,17 @@
+documentation_complete: true
+
+title: 'Ensure AppArmor Utils is installed'
+
+description: |-
+ AppArmor provide Mandatory Access Controls.
+
+rationale: |-
+ Without a Mandatory Access Control system installed only the default
+ Discretionary Access Control system will be available.
+
+severity: medium
+
+template:
+ name: package_installed
+ vars:
+ pkgname: apparmor-utils
From 434f266bbc1a893894e69da26c2f26181b03691d Mon Sep 17 00:00:00 2001
From: Eric Berry
Date: Mon, 16 Dec 2024 15:25:55 -0800
Subject: [PATCH 2/3] Ubuntu 24.04 1.3.1.1 Ensure AppArmor is installed
---
 components/apparmor-utils.yml | 7 +++++++
 components/apparmor.yml | 1 -
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 components/apparmor-utils.yml
diff --git a/components/apparmor-utils.yml b/components/apparmor-utils.yml
new file mode 100644
index 00000000000..05679e006f2
--- /dev/null
+++ b/components/apparmor-utils.yml
@@ -0,0 +1,7 @@
+groups:
+- apparmor-utils
+name: apparmor-utils
+packages:
+- apparmor-utils
+rules:
+- package_apparmor-utils_installed
diff --git a/components/apparmor.yml b/components/apparmor.yml
index 9f2e000260e..1bdf6b5fe86 100644
--- a/components/apparmor.yml
+++ b/components/apparmor.yml
@@ -10,5 +10,4 @@ rules:
 - apparmor_configured
 - grub2_enable_apparmor
 - package_apparmor_installed
-- package_apparmor-utils_installed
 - package_pam_apparmor_installed
From 33ac711237bfef6b9f90a62b94105faa13e406a8 Mon Sep 17 00:00:00 2001
From: Eric Berry
Date: Tue, 17 Dec 2024 11:11:16 -0800
Subject: [PATCH 3/3] Ubuntu 24.04 1.3.1.1 Ensure AppArmor is installed
---
 components/apparmor.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/components/apparmor.yml b/components/apparmor.yml
index 1bdf6b5fe86..9f2e000260e 100644
--- a/components/apparmor.yml
+++ b/components/apparmor.yml
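Review bot: The `description` and `rationale` of the new package_apparmor-utils_installed rule.yml (patch 1/3) describe AppArmor as a whole rather than the apparmor-utils package, so a reader of the scan report cannot tell why this second package is required. apparmor-utils ships the profile-management tools (for example `aa-enforce`, `aa-complain` and `aa-genprof`), which is what the text should say. I would reword the description to something like `The apparmor-utils package provides the command-line tools used to manage AppArmor profiles.` and have the rationale state that without those tools profiles cannot easily be placed in enforce or complain mode. "AppArmor provide" should also read "AppArmor provides".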
@@ -10,4 +10,5 @@ rules:
 - apparmor_configured
 - grub2_enable_apparmor
 - package_apparmor_installed
+- package_apparmor-utils_installed
 - package_pam_apparmor_installed
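Review bot: After this hunk `package_apparmor-utils_installed` is listed under `rules:` in both components/apparmor.yml and the components/apparmor-utils.yml created in patch 2/3, which had removed this same line. If the double mapping is intended (for instance to satisfy a component consistency check, which the page does not show), the commit message should say so; all three patches carry the same subject and no body, so the add, remove and re-add sequence is unexplained. Squashing the series into one commit would leave only the final state in history. The `rules:` list starts above the hunk.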