Skip to content

Commit

Permalink
Fix audit access rules in ISM_O
Browse files Browse the repository at this point in the history 
The rules `audit_access_failed` and `audit_access_success` fail
after building and booting a CentOS Stream 9 hardened container image
with the `ism_o` profile. The reason is that the remediation fails
to create the files required by these rules because the package `audit`
that provides the directory `/etc/audit/rules.d` where these files
should be created isn't installed by default. The solution is to
install the `audit` package as a part of the profile remediation.
  • Loading branch information
@jan-cerny
jan-cerny committed Dec 4, 2024
1 parent 3b82cf9 commit f428b94
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions products/rhel9/profiles/e8.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,7 @@ selections:
### Audit
- package_rsyslog_installed
- service_rsyslog_enabled
- package_audit_installed
- service_auditd_enabled
- var_auditd_flush=incremental_async
- auditd_data_retention_flush
Expand Down

0 comments on commit f428b94

Please sign in to comment.