CIS uses grubby
for checking rules 4.1.1.2
& 4.1.1.3
, which are thus failing
#160
Labels
bug
Something isn't working
Describe the Issue
Rules:
4.1.1.2 Ensure auditing for processes that start prior to auditd is enabled
4.1.1.3 Ensure audit_backlog_limit is sufficient
are still failing after role-execution.
Expected Behavior
CIS - Pass
Actual Behavior
CIS - Fail
Control(s) Affected
4.1.1.2, 4.1.1.3
Environment (please complete the following information):
Additional Notes
Current approach was the one I was also aware of, some time ago: Configuring params in
/etc/default/grub
and then use the command ingrub2cfg
handler(grub2-mkconfig -o /boot/grub2/grub.cfg
) to generate the grub config file.But, what I also noticed is that despite some not-so-old hardening suggestions(RHEL8, 2021) encourage us to use both approaches(
/boot/grub2/grub.cfg
&gruby
), the most recent ones(RHEL9, 2023) only usegrubby
approach.Same does CIS in their
nix_grubby_exist_chk.sh
script.Possible Solution
PR
The text was updated successfully, but these errors were encountered: