While others might not care about RHEL 5 I can assure you there's a large enough user base that makes SSG content useless without it.
Not that I have an opinion or anything. Leam On Thu, Apr 3, 2014 at 9:36 AM, Steve Grubb <[email protected]> wrote: > Hello, > > The audit system can take rules that start with > > -a always,exit > > just as well as rules that start with > > -a exit,always > > This has been trouble for scanners because people see rules in both orders. > But people complained about this and as of the 2.0.6 release of the audit > package, all rules were in a consistent '-a always,exit' format. Someone > reported a problem on the linux-audit mail list saying they were failing a > scan. I check the SSG content and sure enough, its looking for rules in the > exit,always order. You can check it like so: > > grep -rl '\-a exit\,always' * > > The rules should be fixed to match only always,exit so that everything > everywhere is consistent. I would only be concerned about RHEL6/7 because > there is no possibility of changing the RHEL5 audit package to ship rules > that > are consistent. > > Thanks, > -Steve > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > -- Mind on a Mission <http://leamhall.blogspot.com/>
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
