From 16338862cd9aa7b2ae24b102a376c0288eae26a2 Mon Sep 17 00:00:00 2001 From: "steven.y.gui" Date: Mon, 19 Feb 2024 19:22:35 +0800 Subject: [PATCH] support 2403LTS --- add-openeuler-control-rules.patch | 758 +++++++++++++++--------------- add-openeuler-support.patch | 245 +++++----- scap-security-guide.spec | 5 +- 3 files changed, 507 insertions(+), 501 deletions(-) diff --git a/add-openeuler-control-rules.patch b/add-openeuler-control-rules.patch index 6b102c3..57bbbde 100644 --- a/add-openeuler-control-rules.patch +++ b/add-openeuler-control-rules.patch @@ -1,6 +1,6 @@ -From 609b79104a186853755763c144c70a7fbe26d632 Mon Sep 17 00:00:00 2001 +From 3fbea982617efca9b39a12724d7bad94ca8d849c Mon Sep 17 00:00:00 2001 From: "steven.y.gui" -Date: Mon, 9 Oct 2023 21:05:12 +0800 +Date: Mon, 19 Feb 2024 16:22:48 +0800 Subject: [PATCH] add openeuler control rules --- @@ -196,8 +196,8 @@ Subject: [PATCH] add openeuler control rules .../rule.yml | 2 +- .../rule.yml | 2 +- .../ensure_gpgcheck_never_disabled/rule.yml | 2 +- - products/openeuler/product.yml | 1 + products/openeuler2203/product.yml | 1 + + products/openeuler2403/product.yml | 1 + shared/applicability/package.yml | 2 +- 195 files changed, 2599 insertions(+), 187 deletions(-) create mode 100644 linux_os/guide/system/accounts/accounts-banners/warning_banners/rule.yml @@ -2021,379 +2021,379 @@ index 5599b04..eb66293 100644 + - rsyslog_accept_remote_messages_udp + - rsyslog_accept_remote_messages_udp.severity=low diff --git a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml -index 2b0e53a..b19024e 100644 +index 2b0e53a..e799bae 100644 --- a/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml +++ b/linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Avahi Server Software' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml -index 4ce4b1e..d3e3cfd 100644 +index 4ce4b1e..e63cf34 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml -index 032b15e..eec4953 100644 +index 032b15e..226d9c8 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml -index 2d4f1f9..b7c758b 100644 +index 2d4f1f9..9065a84 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml -index d47730c..c179f68 100644 +index d47730c..35a16a3 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml -index c63c3de..c8571b5 100644 +index c63c3de..7eadb97 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml -index 3f43b81..90eed40 100644 +index 3f43b81..6e39d76 100644 --- a/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns Crontab' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml -index 49b2e3a..7f9f665 100644 +index 49b2e3a..1cc18db 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml -index 74210b6..b3a3d7a 100644 +index 74210b6..0a448d8 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml -index 9e4ab04..ab90317 100644 +index 9e4ab04..f9130b7 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml -index 78dadcc..5c1d4b1 100644 +index 78dadcc..05ace52 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml -index 69001b6..6fdb59a 100644 +index 69001b6..51f3d9b 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml -index 2636571..b47a978 100644 +index 2636571..e5e1357 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Owner on crontab' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml -index 8d5e6dd..5b5544e 100644 +index 8d5e6dd..4dcd062 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.d' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml -index 175ba80..9d220b5 100644 +index 175ba80..f2a3301 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.daily' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml -index 7578b5d..d031af5 100644 +index 7578b5d..48b5bcc 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.hourly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml -index 4694a91..752c881 100644 +index 4694a91..3da1b9e 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.monthly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml -index 5409311..67c6101 100644 +index 5409311..b382c42 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on cron.weekly' diff --git a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml -index 009a233..0a5b580 100644 +index 009a233..777a0f1 100644 --- a/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on crontab' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml -index 81e089f..c4392c4 100644 +index 81e089f..18a9520 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 title: 'Ensure that /etc/at.deny does not exist' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml -index a164bf3..6ef3b6d 100644 +index a164bf3..9eed643 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2204 title: 'Ensure that /etc/cron.deny does not exist' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml -index c060951..07ba6d8 100644 +index c060951..c0821cd 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns /etc/at.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml -index a62e314..17156d9 100644 +index a62e314..1fb33f6 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Who Owns /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml -index dafb8d4..32bd17d 100644 +index dafb8d4..20b64ab 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify User Who Owns /etc/at.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml -index 4e59001..ce37c45 100644 +index 4e59001..0eae2e6 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify User Who Owns /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml -index aaa429e..1fc04cf 100644 +index aaa429e..30b6553 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on /etc/at.allow file' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml -index c2710c4..f718d9f 100644 +index c2710c4..1961b9a 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Permissions on /etc/cron.allow file' diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml -index ec390e3..57b10d5 100644 +index ec390e3..3a3c6d1 100644 --- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml +++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Enable cron Service' diff --git a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml -index 356f236..e47ce65 100644 +index 356f236..b8324bf 100644 --- a/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml +++ b/linux_os/guide/services/dhcp/disabling_dhcp_server/service_dhcpd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Disable DHCP Service' diff --git a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml -index ce858b1..e519031 100644 +index ce858b1..1387845 100644 --- a/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml +++ b/linux_os/guide/services/dns/disabling_dns_server/service_named_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Disable named Service' diff --git a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml -index 044177b..dbf39f7 100644 +index 044177b..07543b0 100644 --- a/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml +++ b/linux_os/guide/services/http/disabling_httpd/package_httpd_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall httpd Package' diff --git a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml -index 2ec31a2..429ee11 100644 +index 2ec31a2..6644f7d 100644 --- a/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml +++ b/linux_os/guide/services/ldap/openldap_client/package_openldap-clients_removed/rule.yml @@ -8,7 +8,7 @@ @@ -2401,12 +2401,12 @@ index 2ec31a2..429ee11 100644 documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 title: 'Ensure LDAP client is not installed' diff --git a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml -index bf75fff..15cfa2c 100644 +index bf75fff..828d36d 100644 --- a/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml +++ b/linux_os/guide/services/ldap/openldap_server/package_openldap-servers_removed/rule.yml @@ -11,7 +11,7 @@ @@ -2414,91 +2414,91 @@ index bf75fff..15cfa2c 100644 documentation_complete: true -prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu1604,ubuntu1804,ubuntu2004,ubuntu2204 title: 'Uninstall openldap-servers Package' diff --git a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml -index 9071b7e..632ebdd 100644 +index 9071b7e..fd41721 100644 --- a/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/disabling_nfs/disabling_nfs_services/service_rpcbind_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Disable rpcbind Service' diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml -index 91f73ab..8a33473 100644 +index 91f73ab..8cdd594 100644 --- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml +++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_clients/disabling_nfsd/service_nfs_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Disable Network File System (nfs)' diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml -index c74221c..d0047a2 100644 +index c74221c..6a2919f 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhv4 -+prodtype: alinux2,fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhv4 ++prodtype: alinux2,fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhv4 title: 'Specify a Remote NTP Server' diff --git a/linux_os/guide/services/ntp/ntpd_configure_restrictions/rule.yml b/linux_os/guide/services/ntp/ntpd_configure_restrictions/rule.yml -index de51899..bdcec4b 100644 +index de51899..e4a62cb 100644 --- a/linux_os/guide/services/ntp/ntpd_configure_restrictions/rule.yml +++ b/linux_os/guide/services/ntp/ntpd_configure_restrictions/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,rhel7,sle12,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,openeuler,openeuler2203,rhel7,sle12,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,openeuler2203,openeuler2403,rhel7,sle12,ubuntu2004,ubuntu2204 title: 'Configure server restrictions for ntpd' diff --git a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml -index c5f90c4..0c02891 100644 +index c5f90c4..5f79ef7 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypbind_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Remove NIS Client' diff --git a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml -index b057fc5..273ac59 100644 +index b057fc5..359340e 100644 --- a/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml +++ b/linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Uninstall ypserv Package' diff --git a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml -index de1f832..38fcbb5 100644 +index de1f832..1653ad3 100644 --- a/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml +++ b/linux_os/guide/services/obsolete/service_rsyncd_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Ensure rsyncd service is disabled' @@ -2506,77 +2506,77 @@ index de1f832..38fcbb5 100644 packagename@ol7: rsync packagename@sle12: rsync packagename@sle15: rsync -+ packagename@openeuler: rsync + packagename@openeuler2203: rsync ++ packagename@openeuler2403: rsync diff --git a/linux_os/guide/services/printing/package_cups_removed/rule.yml b/linux_os/guide/services/printing/package_cups_removed/rule.yml -index df44086..390d453 100644 +index df44086..e6e13cf 100644 --- a/linux_os/guide/services/printing/package_cups_removed/rule.yml +++ b/linux_os/guide/services/printing/package_cups_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall CUPS Package' diff --git a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml -index 1b633c6..8c85563 100644 +index 1b633c6..2b8ef03 100644 --- a/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml +++ b/linux_os/guide/services/smb/disabling_samba/package_samba_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall Samba Package' diff --git a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml -index 3763480..9cfc697 100644 +index 3763480..aaf1c94 100644 --- a/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml +++ b/linux_os/guide/services/snmp/disabling_snmp_service/package_net-snmp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: debian10,debian11,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: debian10,debian11,fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: debian10,debian11,fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Uninstall net-snmp Package' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/rule.yml -index 91e0556..1fbb9ad 100644 +index 91e0556..3e32b5e 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_ciphers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: ol7,rhel7,sle12,sle15,ubuntu2204 -+prodtype: ol7,openeuler,openeuler2203,rhel7,sle12,sle15,ubuntu2204 ++prodtype: ol7,openeuler2203,openeuler2403,rhel7,sle12,sle15,ubuntu2204 title: 'Use Only Strong Ciphers' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_kex/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_kex/rule.yml -index 0a0b3a9..25f9bcb 100644 +index 0a0b3a9..a928355 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_kex/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_kex/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel7,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Use Only Strong Key Exchange algorithms' diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml -index b6fea18..290b6d7 100644 +index b6fea18..c9e4f13 100644 --- a/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml +++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_strong_macs/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: ol7,rhel7,sle12,sle15,ubuntu2204 -+prodtype: ol7,openeuler,openeuler2203,rhel7,sle12,sle15,ubuntu2204 ++prodtype: ol7,openeuler2203,openeuler2403,rhel7,sle12,sle15,ubuntu2204 title: 'Use Only Strong MACs' @@ -2590,146 +2590,146 @@ index 9becb4b..c0519e2 100644 cis_ubuntu2004: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 + std_openeuler: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml -index 170f89f..70416f0 100644 +index 170f89f..5af9d26 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml +++ b/linux_os/guide/services/xwindows/disabling_xwindows/package_xorg-x11-server-common_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Remove the X Windows Package Group' diff --git a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml -index 607ed94..1c24b38 100644 +index 607ed94..eb84592 100644 --- a/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml +++ b/linux_os/guide/services/xwindows/disabling_xwindows/xwindows_remove_packages/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: alinux2,alinux3,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: alinux2,alinux3,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Disable graphical user interface' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml -index 5e6d02f..eba37aa 100644 +index 5e6d02f..ce9a463 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Ownership of System Login Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml -index 76b10f4..8ce74bf 100644 +index 76b10f4..be54b97 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_issue_net/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Ownership of System Login Banner for Remote Connections' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml -index 2e796ee..ce9743c 100644 +index 2e796ee..90ef7e1 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_groupowner_etc_motd/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify Group Ownership of Message of the Day Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml -index 70b4f39..37b8fba 100644 +index 70b4f39..0f8b6e1 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify ownership of System Login Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml -index cff8e39..180bdab 100644 +index cff8e39..8efa940 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify ownership of System Login Banner for Remote Connections' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml -index 16011b1..c53d09b 100644 +index 16011b1..954946b 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify ownership of Message of the Day Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml -index 9968c5c..f7a4761 100644 +index 9968c5c..a7b4364 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify permissions on System Login Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml -index cb8d9db..13c9b06 100644 +index cb8d9db..02b69cb 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_issue_net/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify permissions on System Login Banner for Remote Connections' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml -index 339274b..f78d355 100644 +index 339274b..0038c14 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_permissions_etc_motd/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Verify permissions on Message of the Day Banner' diff --git a/linux_os/guide/system/accounts/accounts-banners/warning_banners/rule.yml b/linux_os/guide/system/accounts/accounts-banners/warning_banners/rule.yml new file mode 100644 -index 0000000..c6e6793 +index 0000000..548b47b --- /dev/null +++ b/linux_os/guide/system/accounts/accounts-banners/warning_banners/rule.yml @@ -0,0 +1,24 @@ +documentation_complete: true + -+prodtype: openeuler,openeuler2203 ++prodtype: openeuler2203,openeuler2403 + +title: 'Check Warning Banners Correctly' + @@ -2752,14 +2752,14 @@ index 0000000..c6e6793 + +platform: machine diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml -index f3e6931..8ec50b5 100644 +index f3e6931..2118833 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Limit Password Reuse' @@ -3061,14 +3061,14 @@ index 0000000..0abb80d + + diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml -index 3f7bbd8..1cc2638 100644 +index 3f7bbd8..d1d77f0 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2204 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2204 title: 'Lock Accounts After Failed Password Attempts' @@ -3364,14 +3364,14 @@ index 0000000..94c1eca + + diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml -index 7157b51..df1cb5f 100644 +index 7157b51..6022dcd 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2204 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2204 title: 'Set Lockout Time for Failed Password Attempts' @@ -3387,134 +3387,134 @@ index 46c73e4..206b03e 100644 default: 0 never: 0 diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml -index e67cd88..d5f9746 100644 +index e67cd88..5843fd2 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Minimum Digit Characters' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml -index d41ca6c..76f0278 100644 +index d41ca6c..6ec6fba 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dictcheck/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004 -+prodtype: fedora,ol8,ol9,openeuler,openeuler2203,rhel8,rhel9,ubuntu2004 ++prodtype: fedora,ol8,ol9,openeuler2203,openeuler2403,rhel8,rhel9,ubuntu2004 title: 'Ensure PAM Enforces Password Requirements - Prevent the Use of Dictionary Words' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml -index 198475c..9556a31 100644 +index 198475c..15f4617 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_enforce_root/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol9,rhel8,rhel9 -+prodtype: fedora,ol9,openeuler,openeuler2203,rhel8,rhel9 ++prodtype: fedora,ol9,openeuler2203,openeuler2403,rhel8,rhel9 title: 'Ensure PAM Enforces Password Requirements - Enforce for root User' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml -index 5799a7b..efffdcc 100644 +index 5799a7b..4de04a1 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Minimum Lowercase Characters' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml -index 45a8dfa..242c289 100644 +index 45a8dfa..d0c33ab 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minclass/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Minimum Different Categories' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml -index f05b6e0..9405892 100644 +index f05b6e0..6a9b551 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Minimum Length' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml -index 632aa24..72aa240 100644 +index 632aa24..89fd371 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Minimum Special Characters' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml -index df2272b..a1e073a 100644 +index df2272b..c3052a0 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle15,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session' diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml -index 6c631ea..8e92116 100644 +index 6c631ea..5b4041c 100644 --- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,ubuntu2004,ubuntu2204 title: 'Ensure PAM Enforces Password Requirements - Minimum Uppercase Characters' diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml -index bf87c9c..6429c58 100644 +index bf87c9c..786e396 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_passwordauth/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: "Set PAM''s Password Hashing Algorithm - password-auth" diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml -index 5375365..513ec7d 100644 +index 5375365..803ad40 100644 --- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: "Set PAM''s Password Hashing Algorithm" @@ -3527,19 +3527,19 @@ index fadfa30..7cc8b57 100644 /usr/lib/systemd/system/emergency.service - {{%- if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}} -+ {{%- if product in ["fedora", "ol8", "ol9", "openeuler", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}} ++ {{%- if product in ["fedora", "ol8", "ol9", "openeuler2203", "openeuler2403", "rhel8", "rhel9", "sle12", "sle15"] -%}} ^ExecStart=\-/usr/lib/systemd/systemd-sulogin-shell[\s]+emergency {{%- else -%}} ^ExecStart=\-/bin/sh[\s]+-c[\s]+\"(/usr)?/sbin/sulogin;[\s]+/usr/bin/systemctl[\s]+--fail[\s]+--no-block[\s]+default\" diff --git a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml -index e3b3c18..e2e8b3b 100644 +index e3b3c18..53bea43 100644 --- a/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/require_emergency_target_auth/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Require Authentication for Emergency Systemd Target' @@ -3548,67 +3548,67 @@ index e3b3c18..e2e8b3b 100644 Add or edit the following line in "/usr/lib/systemd/system/emergency.service": - {{% if product in ["fedora", "ol8", "ol9", "rhel8", "rhel9", "sle12", "sle15"] -%}} -+ {{% if product in ["fedora", "ol8", "ol9", "openeuler", "openeuler2203", "rhel8", "rhel9", "sle12", "sle15"] -%}} ++ {{% if product in ["fedora", "ol8", "ol9", "openeuler2203", "openeuler2403", "rhel8", "rhel9", "sle12", "sle15"] -%}} ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency {{%- else -%}} ExecStart=-/bin/sh -c "/sbin/sulogin; /usr/bin/systemctl --fail --no-block default" diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml -index f232eb7..ac93b58 100644 +index f232eb7..7f9c4dc 100644 --- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml +++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 title: 'Disable debug-shell SystemD Service' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml -index d4b7117..7f21632 100644 +index d4b7117..0493d9e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_temp_expire_date/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004 title: 'Assign Expiration Date to Temporary Accounts' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml -index 3cda626..805b65c 100644 +index 3cda626..aca9ef5 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/account_unique_id/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure All Accounts on the System Have Unique User IDs' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml -index aa5a69c..796102a 100644 +index aa5a69c..0cb8d6e 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_id/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure All Groups on the System Have Unique Group ID' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml -index 55b2c5e..a2793d9 100644 +index 55b2c5e..e1da489 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/group_unique_name/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,openeuler,openeuler2203,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,openeuler2203,openeuler2403,rhel7,rhel8,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure All Groups on the System Have Unique Group Names' @@ -3631,451 +3631,451 @@ index 3cbb4d9..7eaac40 100644 platform: package[shadow-utils] - diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml -index c101f11..53f5675 100644 +index c101f11..fc64d11 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_forward_files/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 -+prodtype: alinux2,alinux3,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 ++prodtype: alinux2,alinux3,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004 title: 'Verify No .forward Files Exist' diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml -index d0ed1f4..37f8217 100644 +index d0ed1f4..3f33979 100644 --- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml +++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/use_pam_wheel_for_su/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Enforce usage of pam_wheel for su authentication' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml -index a660109..51167f4 100644 +index a660109..1b6a66f 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Set Interactive Session Timeout' diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml -index e58fb7d..f35812f 100644 +index e58fb7d..a4f4432 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'All Interactive Users Home Directories Must Exist' diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml -index 1795fac..013ceea 100644 +index 1795fac..1148bf9 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure the Default Bash Umask is Set Correctly' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml -index d3b0186..fe64bd1 100644 +index d3b0186..1dbd420 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chmod/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle15 title: 'Record Successful Permission Changes to Files - chmod' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml -index 241d1d6..49301c0 100644 +index 241d1d6..7996a8f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_chown/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Ownership Changes to Files - chown' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml -index ce7070e..c611b7c 100644 +index ce7070e..c62a171 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmod/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - fchmod' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml -index 4b6cee0..a5d2ca8 100644 +index 4b6cee0..c839def 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchmodat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - fchmodat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml -index 6bc0b95..d42607f 100644 +index 6bc0b95..f4eb579 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchown/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Ownership Changes to Files - fchown' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml -index e882a57..3c853b6 100644 +index e882a57..545979e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fchownat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Ownership Changes to Files - fchownat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml -index ee4ff3a..1e52494 100644 +index ee4ff3a..090ecb1 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fremovexattr/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - fremovexattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml -index d40bfde..7277bd1 100644 +index d40bfde..be1e1fa 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_fsetxattr/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - fsetxattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml -index 90873b1..87381e0 100644 +index 90873b1..d313b57 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lchown/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Ownership Changes to Files - lchown' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml -index acbfbc0..13dfb71 100644 +index acbfbc0..b424556 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lremovexattr/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - lremovexattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml -index b669f75..44298ab 100644 +index b669f75..c72f4ad 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_lsetxattr/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - lsetxattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml -index 7d7e3eb..19871bc 100644 +index 7d7e3eb..14ed330 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_removexattr/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - removexattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml -index 82d103e..bd269b3 100644 +index 82d103e..5f29767 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_rename/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Delete Attempts to Files - rename' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml -index 1736c97..a15861b 100644 +index 1736c97..44bf9e0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_renameat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Delete Attempts to Files - renameat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml -index 75809f4..f0b0bea 100644 +index 75809f4..b167733 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_setxattr/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Permission Changes to Files - setxattr' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml -index 91e8f67..6fb1c6d 100644 +index 91e8f67..cb411e5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlink/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Delete Attempts to Files - unlink' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml -index a11b195..8d9d762 100644 +index a11b195..86bab31 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_successful_file_modification_unlinkat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Record Successful Delete Attempts to Files - unlinkat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml -index fe9f1d9..fb03953 100644 +index fe9f1d9..cc33a91 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Ensure auditd Collects Unauthorized Access Attempts to Files (unsuccessful)' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml -index 1b476f4..8c7b9c0 100644 +index 1b476f4..b873f49 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Unsuccessful Access Attempts to Files - creat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml -index 398110d..de52159 100644 +index 398110d..50b9592 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Unsuccessful Access Attempts to Files - ftruncate' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml -index 8893d52..de9b7df 100644 +index 8893d52..083feb4 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Unsuccessful Access Attempts to Files - open' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml -index cb615dc..828a35f 100644 +index cb615dc..cb62dd9 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Unsuccessful Access Attempts to Files - open_by_handle_at' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml -index 1126705..c2ab15f 100644 +index 1126705..aad0d0f 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Unsuccessful Access Attempts to Files - openat' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml -index 2884c9d..c3d156c 100644 +index 2884c9d..8f68d62 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Unsuccessful Access Attempts to Files - truncate' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml -index 90a7173..947078d 100644 +index 90a7173..368747c 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml -index f8ab574..940441d 100644 +index f8ab574..47b8db1 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on Kernel Module Unloading - delete_module' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml -index d63a995..881c52e 100644 +index d63a995..7c0230d 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on Kernel Module Loading and Unloading - finit_module' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml -index a1d7d2c..43f44a0 100644 +index a1d7d2c..dc25542 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on Kernel Module Loading - init_module' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml -index 34e160a..aa7fe5c 100644 +index 34e160a..006e96e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Attempts to Alter Logon and Logout Events - lastlog' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml -index 1086361..63e6b1c 100644 +index 1086361..0b0e0bc 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,openeuler,openeuler2203,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,openeuler2203,openeuler2403,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - insmod' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml -index 19e74ab..4076677 100644 +index 19e74ab..b4d6fb5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,openeuler,openeuler2203,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,openeuler2203,openeuler2403,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - modprobe' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml -index bb5b567..58f9f60 100644 +index bb5b567..8849eb0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,openeuler,openeuler2203,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,openeuler2203,openeuler2403,rhel7,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - rmmod' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml -index 3d76a1a..3d76763 100644 +index 3d76a1a..e8da204 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml @@ -4,7 +4,7 @@ @@ -4083,247 +4083,247 @@ index 3d76a1a..3d76763 100644 documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure auditd Collects Information on the Use of Privileged Commands - sudo' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml -index 628dc4f..a017f1f 100644 +index 628dc4f..6a1e04e 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sudoers/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol8,ol9,rhel8,rhel9 -+prodtype: fedora,ol8,ol9,openeuler,openeuler2203,rhel8,rhel9 ++prodtype: fedora,ol8,ol9,openeuler2203,openeuler2403,rhel8,rhel9 title: 'Ensure auditd Collects System Administrator Actions - /etc/sudoers' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml -index 46128d8..ecde494 100644 +index 46128d8..b2d42c5 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Events that Modify User/Group Information - /etc/group' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml -index 5cfe91d..54c6700 100644 +index 5cfe91d..f502455 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Events that Modify User/Group Information - /etc/gshadow' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml -index d58af4c..c67feb3 100644 +index d58af4c..c35d421 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Events that Modify User/Group Information - /etc/security/opasswd' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml -index d67693e..9ebb3d8 100644 +index d67693e..cf91038 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Events that Modify User/Group Information - /etc/passwd' diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml -index 68a975a..ec1e736 100644 +index 68a975a..b5e3762 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Record Events that Modify User/Group Information - /etc/shadow' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml -index 8ccde19..60a1a5e 100644 +index 8ccde19..10032fa 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Configure audispd''s Plugin disk_full_action When Disk Is Full' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml -index 01c5df5..ff7cf72 100644 +index 01c5df5..91c9cb9 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_percentage/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol8,ol9,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 title: 'Configure auditd admin_space_left on Low Disk Space' diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml -index d9b97fb..e8a7d78 100644 +index d9b97fb..a8fe5c7 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: ol7,ol8,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: ol7,ol8,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: ol7,ol8,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Configure auditd space_left on Low Disk Space' diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml -index e81a90b..1f4100e 100644 +index e81a90b..1b9abe0 100644 --- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml +++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Auditing for Processes Which Start Prior to the Audit Daemon' diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml -index 65132d8..a96a7de 100644 +index 65132d8..6e3aeb6 100644 --- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml +++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Extend Audit Backlog Limit for the Audit Daemon' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml -index 9acb58b..022892d 100644 +index 9acb58b..21f343b 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/grub2_password/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Set Boot Loader Password in grub2' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml -index 18d5b92..d82f1ae 100644 +index 18d5b92..d749483 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Set the UEFI Boot Loader Password' diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml -index 8a7b722..052fdf9 100644 +index 8a7b722..6755b6a 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4 title: 'Ensure cron Is Logging To Rsyslog' diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml -index 76f0e4b..60c43b3 100644 +index 76f0e4b..47aeef5 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_logging_configured/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Ensure logging is configured' diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml -index bea5ed4..84c0338 100644 +index bea5ed4..1588359 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_remote_access_monitoring/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol8,ol9,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: fedora,ol8,ol9,openeuler,openeuler2203,rhel8,rhel9,ubuntu2004,ubuntu2204 ++prodtype: fedora,ol8,ol9,openeuler2203,openeuler2403,rhel8,rhel9,ubuntu2004,ubuntu2204 title: 'Ensure remote access methods are monitored in Rsyslog' diff --git a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml -index f37af58..39b8d25 100644 +index f37af58..b79c97c 100644 --- a/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml +++ b/linux_os/guide/system/logging/rsyslog_filecreatemode/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,rhel7,rhel8,rhel9,ubuntu2004,ubuntu2204 title: 'Ensure rsyslog Default File Permissions Configured' diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml -index cd22594..98d64dc 100644 +index cd22594..18b3db5 100644 --- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Verify firewalld Enabled' diff --git a/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml -index ae73778..9dca20e 100644 +index ae73778..6a5355a 100644 --- a/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/set_firewalld_appropriate_zone/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel7,rhel8,sle15 -+prodtype: rhel7,rhel8,openeuler,openeuler2203,sle15 ++prodtype: rhel7,rhel8,openeuler2203,openeuler2403,sle15 title: 'Ensure network interfaces are assigned to appropriate zone' diff --git a/linux_os/guide/system/network/network-firewalld/unnecessary_firewalld_services_ports_disabled/rule.yml b/linux_os/guide/system/network/network-firewalld/unnecessary_firewalld_services_ports_disabled/rule.yml -index 05f7144..608fcc5 100644 +index 05f7144..1f93b40 100644 --- a/linux_os/guide/system/network/network-firewalld/unnecessary_firewalld_services_ports_disabled/rule.yml +++ b/linux_os/guide/system/network/network-firewalld/unnecessary_firewalld_services_ports_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: sle15 -+prodtype: openeuler,openeuler2203,sle15 ++prodtype: openeuler2203,openeuler2403,sle15 title: 'Ensure Unnecessary Services and Ports Are Not Accepted' @@ -4335,7 +4335,7 @@ index 73e27ed..9b9db6f 100644 severity: medium -+{{% if product in ['openeuler','openeuler2203'] %}} ++{{% if product in ['openeuler2203','openeuler2403'] %}} +platform: machine +{{% else %}} platform: not package[nftables] and not package[ufw] @@ -4351,7 +4351,7 @@ index 6ab31a4..ef09802 100644 severity: medium -+{{% if product in ['openeuler','openeuler2203'] %}} ++{{% if product in ['openeuler2203','openeuler2403'] %}} +platform: machine +{{% else %}} platform: not package[nftables] and not package[ufw] @@ -4367,7 +4367,7 @@ index c7ea1c0..100a1ec 100644 severity: medium -+{{% if product in ['openeuler','openeuler2203'] %}} ++{{% if product in ['openeuler2203','openeuler2403'] %}} +platform: machine +{{% else %}} platform: not package[nftables] and not package[ufw] @@ -4376,38 +4376,38 @@ index c7ea1c0..100a1ec 100644 identifiers: cce@rhel7: CCE-86719-2 diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/set_iptables_outbound_n_established/rule.yml b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/set_iptables_outbound_n_established/rule.yml -index 88b1b36..f287a6e 100644 +index 88b1b36..34663ba 100644 --- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/set_iptables_outbound_n_established/rule.yml +++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/set_iptables_outbound_n_established/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: sle12,sle15 -+prodtype: openeuler,openeuler2203,sle12,sle15 ++prodtype: openeuler2203,openeuler2403,sle12,sle15 title: 'Ensure Outbound and Established Connections are Configured' diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml -index 9a69794..6436a1d 100644 +index 9a69794..f05d2c9 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Accepting ICMP Redirects for All IPv6 Interfaces' diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml -index c1f0dc4..08c91b4 100644 +index c1f0dc4..10100f3 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_accept_source_route/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv6 Interfaces' @@ -4419,14 +4419,14 @@ index c1f0dc4..08c91b4 100644 + missing_parameter_pass: 'true' +{{% endif %}} diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml -index c02cdc4..f7ebdf0 100644 +index c02cdc4..d155c12 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_all_forwarding/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for IPv6 Forwarding' @@ -4438,14 +4438,14 @@ index c02cdc4..f7ebdf0 100644 + missing_parameter_pass: 'true' +{{% endif %}} diff --git a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml -index e985040..25dfcad 100644 +index e985040..2a54324 100644 --- a/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-ipv6/configuring_ipv6/sysctl_net_ipv6_conf_default_accept_source_route/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv6 Interfaces by Default' @@ -4457,254 +4457,254 @@ index e985040..25dfcad 100644 + missing_parameter_pass: 'true' +{{% endif %}} diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml -index 8756e21..8452042 100644 +index 8756e21..efd7d4a 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Accepting ICMP Redirects for All IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml -index 2ccc278..d3b3c5b 100644 +index 2ccc278..af51919 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_source_route/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on all IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml -index dfcd0b6..d2034a4 100644 +index dfcd0b6..0de28f3 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_log_martians/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Parameter to Log Martian Packets on all IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml -index e3b2b18..29ed59f 100644 +index e3b2b18..95bf511 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_rp_filter/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml -index 849ae47..05520be 100644 +index 849ae47..a0aa7cf 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_secure_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Accepting Secure ICMP Redirects on all IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml -index 9a54bbc..30a2a52 100644 +index 9a54bbc..d7dcd8a 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Accepting Source-Routed Packets on IPv4 Interfaces by Default' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml -index 9ff43ba..8058dc6 100644 +index 9ff43ba..7e7e254 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_log_martians/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Paremeter to Log Martian Packets on all IPv4 Interfaces by Default' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml -index b688a15..9f4cde4 100644 +index b688a15..ac4ed33 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_rp_filter/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Parameter to Use Reverse Path Filtering on all IPv4 Interfaces by Default' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml -index 90ef90f..85e46c3 100644 +index 90ef90f..c41f654 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_secure_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Configure Kernel Parameter for Accepting Secure Redirects By Default' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml -index 5b12a1b..5d08c84 100644 +index 5b12a1b..bccfe90 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Parameter to Ignore ICMP Broadcast Echo Requests on IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml -index a5fb5f4..2382465 100644 +index a5fb5f4..1b1b6a0 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_ignore_bogus_error_responses/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Parameter to Ignore Bogus ICMP Error Responses on IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml -index 31e76dd..aef79a5 100644 +index 31e76dd..274288f 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Enable Kernel Parameter to Use TCP Syncookies on Network Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml -index e6b948b..6b1339c 100644 +index e6b948b..ab99ff1 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml -index fc30851..c332cf9 100644 +index fc30851..f73277a 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for Sending ICMP Redirects on all IPv4 Interfaces by Default' diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml -index a485053..cbf5bce 100644 +index a485053..1c6493e 100644 --- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml +++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_ip_forward/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Kernel Parameter for IP Forwarding on IPv4 Interfaces' diff --git a/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml b/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml -index 7d989f7..6bf22f6 100644 +index 7d989f7..f9f161a 100644 --- a/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml +++ b/linux_os/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: sle15,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,sle15,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,sle15,ubuntu2004,ubuntu2204 title: 'Ensure nftables Default Deny Firewall Policy' diff --git a/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml b/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml -index 5be921e..388ef42 100644 +index 5be921e..56204f9 100644 --- a/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml +++ b/linux_os/guide/system/network/network-nftables/service_nftables_enabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel7,rhel8,sle15,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,rhel7,rhel8,sle15,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,rhel7,rhel8,sle15,ubuntu2004,ubuntu2204 title: 'Verify nftables Service is Enabled' diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_loopback_traffic/rule.yml b/linux_os/guide/system/network/network-nftables/set_nftables_loopback_traffic/rule.yml -index 043c11b..3a6fd18 100644 +index 043c11b..6f9d562 100644 --- a/linux_os/guide/system/network/network-nftables/set_nftables_loopback_traffic/rule.yml +++ b/linux_os/guide/system/network/network-nftables/set_nftables_loopback_traffic/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: sle15,ubuntu2004,ubuntu2204 -+prodtype: openeuler,openeuler2203,sle15,ubuntu2004,ubuntu2204 ++prodtype: openeuler2203,openeuler2403,sle15,ubuntu2004,ubuntu2204 title: 'Set nftables Configuration for Loopback Traffic' diff --git a/linux_os/guide/system/network/network-nftables/set_nftables_new_connections/rule.yml b/linux_os/guide/system/network/network-nftables/set_nftables_new_connections/rule.yml -index ae1a369..df5cc53 100644 +index ae1a369..5adafb8 100644 --- a/linux_os/guide/system/network/network-nftables/set_nftables_new_connections/rule.yml +++ b/linux_os/guide/system/network/network-nftables/set_nftables_new_connections/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: sle15 -+prodtype: openeuler,openeuler2203,sle15 ++prodtype: openeuler2203,openeuler2403,sle15 title: 'Ensure all outbound and established connections are configured for nftables' diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml -index 20eeb3e..78c85d1 100644 +index 20eeb3e..f03402b 100644 --- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml +++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable SCTP Support' diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml -index 02cb56f..3742df9 100644 +index 02cb56f..17157d4 100644 --- a/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml +++ b/linux_os/guide/system/network/network-wireless/wireless_software/wireless_disable_interfaces/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Deactivate Wireless Network Interfaces' @@ -4712,13 +4712,13 @@ index 02cb56f..3742df9 100644 srg_requirement: '{{{ full_name }}} wireless network adapters must be disabled.' -+{{% if product in ['openeuler','openeuler2203'] %}} ++{{% if product in ['openeuler2203','openeuler2403'] %}} +platform: machine +{{% else %}} platform: wifi-iface +{{% endif %}} diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml -index 5683f30..d5212ac 100644 +index 5683f30..a85c072 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true @@ -4726,12 +4726,12 @@ index 5683f30..d5212ac 100644 title: 'Ensure All SGID Executables Are Authorized' -prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20 -+prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,uos20 ++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,uos20 description: |- The SGID (set group id) bit should be set only on files that were diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml -index 249f971..19fc2ee 100644 +index 249f971..58dc69a 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true @@ -4739,67 +4739,67 @@ index 249f971..19fc2ee 100644 title: 'Ensure All SUID Executables Are Authorized' -prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15,uos20 -+prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15,uos20 ++prodtype: alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15,uos20 description: |- The SUID (set user id) bit should be set only on files that were diff --git a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml -index 11060d0..712b847 100644 +index 11060d0..936873d 100644 --- a/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml +++ b/linux_os/guide/system/permissions/files/file_permissions_ungroupowned/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure All Files Are Owned by a Group' diff --git a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml -index 13650fc..ccd5eef 100644 +index 13650fc..f9af42a 100644 --- a/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml +++ b/linux_os/guide/system/permissions/files/no_files_unowned_by_user/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Ensure All Files Are Owned by a User' diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml -index 8cbcf66..88ca5f0 100644 +index 8cbcf66..ed7412f 100644 --- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml +++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Disable Modprobe Loading of USB Storage Driver' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml -index d06852d..f627292 100644 +index d06852d..327c297 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_removable_partitions/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 title: 'Add nodev Option to Removable Media Partitions' diff --git a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml -index 75934b9..09119e7 100644 +index 75934b9..d47a355 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml +++ b/linux_os/guide/system/permissions/partitions/mount_option_noexec_removable_partitions/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu1804 title: 'Add noexec Option to Removable Media Partitions' @@ -4818,103 +4818,103 @@ index ed025e4..024eceb 100644 fixtext: |- Configure {{{ full_name }}} to implement virtual address space randomization. diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml -index b73d219..1c51955 100644 +index b73d219..e122550 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Restrict Access to Kernel Message Buffer' diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml -index bf2e143..2701f65 100644 +index bf2e143..4df4480 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Disallow magic SysRq key' diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml -index e03106c..6df07fb 100644 +index e03106c..7e5b67a 100644 --- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml +++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,sle12,sle15 title: 'Restrict usage of ptrace to descendant processes' diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml -index 00cc2ff..bb7bf88 100644 +index 00cc2ff..8b5667b 100644 --- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml +++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle15 title: 'Ensure No Daemons are Unconfined by SELinux' diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml -index a49219e..47bf130 100644 +index a49219e..d9abd2d 100644 --- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml +++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Configure SELinux Policy' diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml -index e3b95bc..890eace 100644 +index e3b95bc..cb37065 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,rhcos4,rhel8,rhel9,rhv4,sle15,uos20 -+prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel8,rhel9,rhv4,sle15,uos20 ++prodtype: alinux2,alinux3,anolis8,fedora,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel8,rhel9,rhv4,sle15,uos20 title: 'Configure System Cryptography Policy' diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml -index 43e5f16..b43fbc4 100644 +index 43e5f16..9f1d220 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Build and Test AIDE Database' diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml -index a361171..37a8546 100644 +index a361171..ea14229 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,anolis8,debian10,debian11,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhcos4,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Install AIDE' diff --git a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml -index b90f566..b2e4b88 100644 +index b90f566..5fc764b 100644 --- a/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml +++ b/linux_os/guide/system/software/sudo/sudo_restrict_privilege_elevation_to_authorized/rule.yml @@ -2,7 +2,7 @@ documentation_complete: true @@ -4922,38 +4922,38 @@ index b90f566..b2e4b88 100644 title: 'The operating system must restrict privilege elevation to authorized personnel' -prodtype: ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 description: |- The sudo command allows a user to execute programs with elevated diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml -index 18c6f48..3e8fc56 100644 +index 18c6f48..26b59e9 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20 -+prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20 ++prodtype: alinux2,alinux3,anolis8,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,uos20 title: 'Ensure gpgcheck Enabled In Main {{{ pkg_manager }}} Configuration' diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml -index 6428781..b136e6b 100644 +index 6428781..8e059b0 100644 --- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml +++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: alinux2,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Ensure gpgcheck Enabled for All {{{ pkg_manager }}} Package Repositories' -diff --git a/products/openeuler/product.yml b/products/openeuler/product.yml -index fd33efe..1b22b09 100644 ---- a/products/openeuler/product.yml -+++ b/products/openeuler/product.yml +diff --git a/products/openeuler2203/product.yml b/products/openeuler2203/product.yml +index 89e9f8b..5beaac5 100644 +--- a/products/openeuler2203/product.yml ++++ b/products/openeuler2203/product.yml @@ -8,6 +8,7 @@ benchmark_root: "../../linux_os/guide" profiles_root: "./profiles" @@ -4962,10 +4962,10 @@ index fd33efe..1b22b09 100644 init_system: "systemd" -diff --git a/products/openeuler2203/product.yml b/products/openeuler2203/product.yml -index 89e9f8b..5beaac5 100644 ---- a/products/openeuler2203/product.yml -+++ b/products/openeuler2203/product.yml +diff --git a/products/openeuler2403/product.yml b/products/openeuler2403/product.yml +index c27aaa8..36f3833 100644 +--- a/products/openeuler2403/product.yml ++++ b/products/openeuler2403/product.yml @@ -8,6 +8,7 @@ benchmark_root: "../../linux_os/guide" profiles_root: "./profiles" @@ -4983,7 +4983,7 @@ index 07f3df9..6c8ad28 100644 shadow-utils: {{% if pkg_system == "rpm" %}} - {{% if product in ["sle12", "sle15"] %}} -+ {{% if product in ["openeuler", "openeuler2203", "sle12", "sle15"] %}} ++ {{% if product in ["openeuler2203", "openeuler2403", "sle12", "sle15"] %}} pkgname: shadow {{% else %}} pkgname: shadow-utils diff --git a/add-openeuler-support.patch b/add-openeuler-support.patch index 1c8db5c..678a010 100644 --- a/add-openeuler-support.patch +++ b/add-openeuler-support.patch @@ -1,6 +1,6 @@ -From 34393e749c834bc08cd1a25f8ac1fd9ff36c7872 Mon Sep 17 00:00:00 2001 +From a67afa8ba2bd385c1c645972fb7a2340d9d6f5bb Mon Sep 17 00:00:00 2001 From: "steven.y.gui" -Date: Thu, 17 Aug 2023 21:02:06 +0800 +Date: Mon, 19 Feb 2024 18:59:26 +0800 Subject: [PATCH] add openeuler support --- @@ -11,33 +11,33 @@ Subject: [PATCH] add openeuler support .../telnet/package_telnet_removed/rule.yml | 2 +- .../tftp/package_tftp-server_removed/rule.yml | 2 +- .../tftp/package_tftp_removed/rule.yml | 2 +- - products/openeuler/CMakeLists.txt | 6 ++++ - products/openeuler/product.yml | 19 +++++++++++ - products/openeuler/profiles/standard.profile | 14 ++++++++ - products/openeuler/transforms/constants.xslt | 9 +++++ products/openeuler2203/CMakeLists.txt | 6 ++++ products/openeuler2203/product.yml | 29 ++++++++++++++++ .../openeuler2203/profiles/standard.profile | 14 ++++++++ .../openeuler2203/transforms/constants.xslt | 9 +++++ - .../checks/oval/installed_OS_is_openeuler.xml | 22 ++++++++++++ + products/openeuler2403/CMakeLists.txt | 6 ++++ + products/openeuler2403/product.yml | 19 +++++++++++ + .../openeuler2403/profiles/standard.profile | 14 ++++++++ + .../openeuler2403/transforms/constants.xslt | 9 +++++ .../oval/installed_OS_is_openeuler2203.xml | 26 ++++++++++++++ + .../oval/installed_OS_is_openeuler2403.xml | 26 ++++++++++++++ .../oval/sysctl_kernel_ipv6_disable.xml | 1 + - ssg/constants.py | 7 ++++ - 19 files changed, 211 insertions(+), 5 deletions(-) + ssg/constants.py | 6 ++++ + 19 files changed, 214 insertions(+), 5 deletions(-) create mode 100644 controls/std_openeuler.yml - create mode 100644 products/openeuler/CMakeLists.txt - create mode 100644 products/openeuler/product.yml - create mode 100644 products/openeuler/profiles/standard.profile - create mode 100644 products/openeuler/transforms/constants.xslt create mode 100644 products/openeuler2203/CMakeLists.txt create mode 100644 products/openeuler2203/product.yml create mode 100644 products/openeuler2203/profiles/standard.profile create mode 100644 products/openeuler2203/transforms/constants.xslt - create mode 100644 shared/checks/oval/installed_OS_is_openeuler.xml + create mode 100644 products/openeuler2403/CMakeLists.txt + create mode 100644 products/openeuler2403/product.yml + create mode 100644 products/openeuler2403/profiles/standard.profile + create mode 100644 products/openeuler2403/transforms/constants.xslt create mode 100644 shared/checks/oval/installed_OS_is_openeuler2203.xml + create mode 100644 shared/checks/oval/installed_OS_is_openeuler2403.xml diff --git a/CMakeLists.txt b/CMakeLists.txt -index 7d1cffd..b466580 100644 +index 7d1cffd..d911d05 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -83,6 +83,8 @@ option(SSG_PRODUCT_RHCOS4 "If enabled, the RHCOS4 SCAP content will be built" ${ @@ -45,7 +45,7 @@ index 7d1cffd..b466580 100644 option(SSG_PRODUCT_OL8 "If enabled, the Oracle Linux 8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_OL9 "If enabled, the Oracle Linux 9 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) +option(SSG_PRODUCT_OPENEULER2203 "If enabled, the openEuler 22.03 LTS content will be built" ${SSG_PRODUCT_DEFAULT}) -+option(SSG_PRODUCT_OPENEULER "If enabled, the openEuler basic version content will be built" ${SSG_PRODUCT_DEFAULT}) ++option(SSG_PRODUCT_OPENEULER2403 "If enabled, the openEuler 24.03 LTS content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_OPENSUSE "If enabled, the openSUSE SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_RHEL7 "If enabled, the RHEL7 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_RHEL8 "If enabled, the RHEL8 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) @@ -54,7 +54,7 @@ index 7d1cffd..b466580 100644 message(STATUS "Oracle Linux 8: ${SSG_PRODUCT_OL8}") message(STATUS "Oracle Linux 9: ${SSG_PRODUCT_OL9}") +message(STATUS "openEuler 22.03 LTS: ${SSG_PRODUCT_OPENEULER2203}") -+message(STATUS "openEuler: ${SSG_PRODUCT_OPENEULER}") ++message(STATUS "openEuler 24.03 LTS: ${SSG_PRODUCT_OPENEULER2403}") message(STATUS "openSUSE: ${SSG_PRODUCT_OPENSUSE}") message(STATUS "RHEL 7: ${SSG_PRODUCT_RHEL7}") message(STATUS "RHEL 8: ${SSG_PRODUCT_RHEL8}") @@ -65,8 +65,8 @@ index 7d1cffd..b466580 100644 +if (SSG_PRODUCT_OPENEULER2203) + add_subdirectory("products/openeuler2203" "openeuler2203") +endif() -+if (SSG_PRODUCT_OPENEULER) -+ add_subdirectory("products/openeuler" "openeuler") ++if (SSG_PRODUCT_OPENEULER2403) ++ add_subdirectory("products/openeuler2403" "openeuler2403") +endif() if (SSG_PRODUCT_OPENSUSE) add_subdirectory("products/opensuse" "opensuse") @@ -112,88 +112,88 @@ index 0000000..5599b04 + - package_telnet_removed + - package_telnet-server_removed diff --git a/linux_os/guide/services/ftp/package_ftp_removed/rule.yml b/linux_os/guide/services/ftp/package_ftp_removed/rule.yml -index 1129ce7..c5450ca 100644 +index 1129ce7..ea1c772 100644 --- a/linux_os/guide/services/ftp/package_ftp_removed/rule.yml +++ b/linux_os/guide/services/ftp/package_ftp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: rhel9 -+prodtype: openeuler,openeuler2203,rhel9 ++prodtype: openeuler2203,openeuler2403,rhel9 title: 'Remove ftp Package' diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml -index 6b59559..fc38a3c 100644 +index 6b59559..26848b4 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Uninstall telnet-server Package' diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml -index 2571d50..3638424 100644 +index 2571d50..8c77862 100644 --- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml +++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 -+prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 ++prodtype: alinux2,alinux3,fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15,ubuntu2004,ubuntu2204 title: 'Remove telnet Clients' diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml -index 93fd712..46ebdb7 100644 +index 93fd712..60c05ed 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp-server_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,rhv4,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,rhv4,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,rhv4,sle12,sle15 title: 'Uninstall tftp-server Package' diff --git a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml -index 35e0a2f..f836879 100644 +index 35e0a2f..6c078d3 100644 --- a/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml +++ b/linux_os/guide/services/obsolete/tftp/package_tftp_removed/rule.yml @@ -1,6 +1,6 @@ documentation_complete: true -prodtype: fedora,ol7,ol8,ol9,rhel7,rhel8,rhel9,sle12,sle15 -+prodtype: fedora,ol7,ol8,ol9,openeuler,openeuler2203,rhel7,rhel8,rhel9,sle12,sle15 ++prodtype: fedora,ol7,ol8,ol9,openeuler2203,openeuler2403,rhel7,rhel8,rhel9,sle12,sle15 title: 'Remove tftp Daemon' -diff --git a/products/openeuler/CMakeLists.txt b/products/openeuler/CMakeLists.txt +diff --git a/products/openeuler2203/CMakeLists.txt b/products/openeuler2203/CMakeLists.txt new file mode 100644 -index 0000000..8733082 +index 0000000..258e195 --- /dev/null -+++ b/products/openeuler/CMakeLists.txt ++++ b/products/openeuler2203/CMakeLists.txt @@ -0,0 +1,6 @@ +# Sometimes our users will try to do: "cd openeuler; cmake ." That needs to error in a nice way. +if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") + message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") +endif() + -+ssg_build_product("openeuler") -diff --git a/products/openeuler/product.yml b/products/openeuler/product.yml ++ssg_build_product("openeuler2203") +diff --git a/products/openeuler2203/product.yml b/products/openeuler2203/product.yml new file mode 100644 -index 0000000..fd33efe +index 0000000..89e9f8b --- /dev/null -+++ b/products/openeuler/product.yml -@@ -0,0 +1,19 @@ -+product: openeuler -+full_name: openEuler ++++ b/products/openeuler2203/product.yml +@@ -0,0 +1,29 @@ ++product: openeuler2203 ++full_name: openEuler 2203 +type: platform + -+benchmark_id: OPENEULER ++benchmark_id: OPENEULER2203 +benchmark_root: "../../linux_os/guide" + +profiles_root: "./profiles" @@ -204,68 +204,78 @@ index 0000000..fd33efe + +cpes_root: "../../shared/applicability" +cpes: -+ - openeuler2309: -+ name: "cpe:/o:openEuler:openEuler:23.09:ga:server" -+ title: "openEuler 23.09" -+ check_id: installed_OS_is_openeuler -diff --git a/products/openeuler/profiles/standard.profile b/products/openeuler/profiles/standard.profile ++ - openeuler2203lts: ++ name: "cpe:/o:openEuler:openEuler:22.03LTS:ga:server" ++ title: "openEuler 22.03 LTS" ++ check_id: installed_OS_is_openeuler2203 ++ ++ - openeuler2203lts-sp1: ++ name: "cpe:/o:openEuler:openEuler:22.03LTS_SP1:ga:server" ++ title: "openEuler 22.03 LTS SP1" ++ check_id: installed_OS_is_openeuler2203 ++ ++ - openeuler2203lts-sp2: ++ name: "cpe:/o:openEuler:openEuler:22.03LTS_SP2:ga:server" ++ title: "openEuler 22.03 LTS SP2" ++ check_id: installed_OS_is_openeuler2203 +diff --git a/products/openeuler2203/profiles/standard.profile b/products/openeuler2203/profiles/standard.profile new file mode 100644 -index 0000000..e4e9450 +index 0000000..8a7ae9c --- /dev/null -+++ b/products/openeuler/profiles/standard.profile ++++ b/products/openeuler2203/profiles/standard.profile @@ -0,0 +1,14 @@ +documentation_complete: true + +metadata: + version: 1.0 + -+title: 'Standard System Security Profile for openEuler' ++title: 'Standard System Security Profile for openEuler 22.03 LTS' + +description: |- + This profile contains rules to ensure standard security baseline -+ of all openEuler systems. Regardless of your system's workload ++ of an openEuler system. Regardless of your system's workload + all of these checks should pass. + +selections: + - std_openeuler:all:base -diff --git a/products/openeuler/transforms/constants.xslt b/products/openeuler/transforms/constants.xslt +diff --git a/products/openeuler2203/transforms/constants.xslt b/products/openeuler2203/transforms/constants.xslt new file mode 100644 -index 0000000..b0a07a0 +index 0000000..666c119 --- /dev/null -+++ b/products/openeuler/transforms/constants.xslt ++++ b/products/openeuler2203/transforms/constants.xslt @@ -0,0 +1,9 @@ + + + + -+openEuler -+openEuler -+openeuler ++openEuler2203 ++openEuler2203 ++openeuler2203 + + -diff --git a/products/openeuler2203/CMakeLists.txt b/products/openeuler2203/CMakeLists.txt +diff --git a/products/openeuler2403/CMakeLists.txt b/products/openeuler2403/CMakeLists.txt new file mode 100644 -index 0000000..258e195 +index 0000000..4f7da6b --- /dev/null -+++ b/products/openeuler2203/CMakeLists.txt ++++ b/products/openeuler2403/CMakeLists.txt @@ -0,0 +1,6 @@ +# Sometimes our users will try to do: "cd openeuler; cmake ." That needs to error in a nice way. +if ("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") + message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") +endif() + -+ssg_build_product("openeuler2203") -diff --git a/products/openeuler2203/product.yml b/products/openeuler2203/product.yml ++ssg_build_product("openeuler2403") +diff --git a/products/openeuler2403/product.yml b/products/openeuler2403/product.yml new file mode 100644 -index 0000000..89e9f8b +index 0000000..c27aaa8 --- /dev/null -+++ b/products/openeuler2203/product.yml -@@ -0,0 +1,29 @@ -+product: openeuler2203 -+full_name: openEuler 2203 ++++ b/products/openeuler2403/product.yml +@@ -0,0 +1,19 @@ ++product: openeuler2403 ++full_name: openEuler2403 +type: platform + -+benchmark_id: OPENEULER2203 ++benchmark_id: OPENEULER2403 +benchmark_root: "../../linux_os/guide" + +profiles_root: "./profiles" @@ -276,111 +286,105 @@ index 0000000..89e9f8b + +cpes_root: "../../shared/applicability" +cpes: -+ - openeuler2203lts: -+ name: "cpe:/o:openEuler:openEuler:22.03LTS:ga:server" -+ title: "openEuler 22.03 LTS" -+ check_id: installed_OS_is_openeuler2203 -+ -+ - openeuler2203lts-sp1: -+ name: "cpe:/o:openEuler:openEuler:22.03LTS_SP1:ga:server" -+ title: "openEuler 22.03 LTS SP1" -+ check_id: installed_OS_is_openeuler2203 -+ -+ - openeuler2203lts-sp2: -+ name: "cpe:/o:openEuler:openEuler:22.03LTS_SP2:ga:server" -+ title: "openEuler 22.03 LTS SP2" -+ check_id: installed_OS_is_openeuler2203 -diff --git a/products/openeuler2203/profiles/standard.profile b/products/openeuler2203/profiles/standard.profile ++ - openeuler2403: ++ name: "cpe:/o:openEuler:openEuler:24.03LTS:ga:server" ++ title: "openEuler 24.03 LTS" ++ check_id: installed_OS_is_openeuler2403 +diff --git a/products/openeuler2403/profiles/standard.profile b/products/openeuler2403/profiles/standard.profile new file mode 100644 -index 0000000..8a7ae9c +index 0000000..e4e9450 --- /dev/null -+++ b/products/openeuler2203/profiles/standard.profile ++++ b/products/openeuler2403/profiles/standard.profile @@ -0,0 +1,14 @@ +documentation_complete: true + +metadata: + version: 1.0 + -+title: 'Standard System Security Profile for openEuler 22.03 LTS' ++title: 'Standard System Security Profile for openEuler' + +description: |- + This profile contains rules to ensure standard security baseline -+ of an openEuler system. Regardless of your system's workload ++ of all openEuler systems. Regardless of your system's workload + all of these checks should pass. + +selections: + - std_openeuler:all:base -diff --git a/products/openeuler2203/transforms/constants.xslt b/products/openeuler2203/transforms/constants.xslt +diff --git a/products/openeuler2403/transforms/constants.xslt b/products/openeuler2403/transforms/constants.xslt new file mode 100644 -index 0000000..666c119 +index 0000000..60286a9 --- /dev/null -+++ b/products/openeuler2203/transforms/constants.xslt ++++ b/products/openeuler2403/transforms/constants.xslt @@ -0,0 +1,9 @@ + + + + -+openEuler2203 -+openEuler2203 -+openeuler2203 ++openEuler2403 ++openEuler2403 ++openeuler2403 + + -diff --git a/shared/checks/oval/installed_OS_is_openeuler.xml b/shared/checks/oval/installed_OS_is_openeuler.xml +diff --git a/shared/checks/oval/installed_OS_is_openeuler2203.xml b/shared/checks/oval/installed_OS_is_openeuler2203.xml new file mode 100644 -index 0000000..4835266 +index 0000000..6a1ce97 --- /dev/null -+++ b/shared/checks/oval/installed_OS_is_openeuler.xml -@@ -0,0 +1,22 @@ ++++ b/shared/checks/oval/installed_OS_is_openeuler2203.xml +@@ -0,0 +1,26 @@ + -+ ++ + -+ openEuler ++ openEuler 22.03 LTS + + multi_platform_all + -+ The operating system installed on the system is openEuler. ++ The operating system installed on the system is openEuler 22.03 LTS. + + -+ ++ + + + -+ -+ ++ ++ ++ + -+ ++ ++ ^22\.03.*$ ++ ++ + openEuler-release + + + -diff --git a/shared/checks/oval/installed_OS_is_openeuler2203.xml b/shared/checks/oval/installed_OS_is_openeuler2203.xml +diff --git a/shared/checks/oval/installed_OS_is_openeuler2403.xml b/shared/checks/oval/installed_OS_is_openeuler2403.xml new file mode 100644 -index 0000000..6a1ce97 +index 0000000..31c6084 --- /dev/null -+++ b/shared/checks/oval/installed_OS_is_openeuler2203.xml ++++ b/shared/checks/oval/installed_OS_is_openeuler2403.xml @@ -0,0 +1,26 @@ + -+ ++ + -+ openEuler 22.03 LTS ++ openEuler + + multi_platform_all + -+ The operating system installed on the system is openEuler 22.03 LTS. ++ The operating system installed on the system is openEuler 24.03 LTS + + -+ ++ + + + -+ -+ -+ ++ ++ ++ + -+ -+ ^22\.03.*$ ++ ++ ^24\.03.*$ + -+ ++ + openEuler-release + + @@ -398,14 +402,14 @@ index affb977..593ecda 100644 multi_platform_ol multi_platform_rhcos diff --git a/ssg/constants.py b/ssg/constants.py -index f66ba00..60697df 100644 +index f66ba00..ff5bb02 100644 --- a/ssg/constants.py +++ b/ssg/constants.py @@ -50,6 +50,7 @@ product_directories = [ 'ocp4', 'rhcos4', 'ol7', 'ol8', 'ol9', -+ 'openeuler', 'openeuler2203', ++ 'openeuler2203', 'openeuler2403', 'opensuse', 'rhel7', 'rhel8', 'rhel9', 'rhv4', @@ -413,8 +417,8 @@ index f66ba00..60697df 100644 "Oracle Linux 7": "ol7", "Oracle Linux 8": "ol8", "Oracle Linux 9": "ol9", -+ "openEuler": "openeuler", + "openEuler 2203": "openeuler2203", ++ "openEuler 2403": "openeuler2403", "openSUSE": "opensuse", "Red Hat Enterprise Linux 7": "rhel7", "Red Hat Enterprise Linux 8": "rhel8", @@ -430,16 +434,15 @@ index f66ba00..60697df 100644 "multi_platform_example": ["example"], "multi_platform_eks": ["eks"], "multi_platform_fedora": ["fedora"], -+ "multi_platform_openeuler": ["openeuler", "openeuler2203"], ++ "multi_platform_openeuler": ["openeuler2203", "openeuler2403"], "multi_platform_opensuse": ["opensuse"], "multi_platform_ol": ["ol7", "ol8", "ol9"], "multi_platform_ocp": ["ocp4"], -@@ -447,6 +452,8 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { +@@ -447,6 +452,7 @@ MAKEFILE_ID_TO_PRODUCT_MAP = { 'uos': 'UnionTech OS Server', 'eap': 'JBoss Enterprise Application Platform', 'fuse': 'JBoss Fuse', + 'openeuler': 'openEuler', -+ 'openeuler2203': 'openEuler 2203', 'opensuse': 'openSUSE', 'sle': 'SUSE Linux Enterprise', 'example': 'Example', diff --git a/scap-security-guide.spec b/scap-security-guide.spec index 4061c3a..b47df88 100644 --- a/scap-security-guide.spec +++ b/scap-security-guide.spec @@ -1,6 +1,6 @@ Name: scap-security-guide Version: 0.1.68 -Release: 2 +Release: 3 Summary: Security guidance and baselines in SCAP formats License: BSD-3-Clause URL: https://github.com/ComplianceAsCode/content/ @@ -63,6 +63,9 @@ cd build %doc %{_docdir}/%{name}/tables/*.html %changelog +* Mon Feb 19 2024 steven - 0.1.68-3 +- add openEuler 2403 LTS supporting and remove openEuler general version supporting + * Mon Oct 9 2023 steven - 0.1.68-2 - add openeuler supporting and add 100+ control rules -- Gitee