----- Original Message ----- > From: "Molly Jo Bault" <[email protected]> > To: [email protected] > Sent: Thursday, July 14, 2016 4:26:36 PM > Subject: CentOS 7 SSG Remediation Test Results > > Greetings Awesome Scap Security Guide Developers, > > I've been looking at this project and it is very exciting to see the work you > are doing here. Thank you so much for helping make Linux more secure. > > I'm not sure how all this works, so please forgive me in advance. > > I've attached some tweaks to some of the RHEL 7 remediation scripts that > might be useful. > > Here are some issues that I didn't see an easy fix for found will testing > this on CentOS 7. > Bugs: > > * Enable Randomized Layout Virtual Address Space check is failing, > despite being applied (content_rule_sysctl_kernel_randomize_va_space) > > * Accounts password PAM retry check failing, despite being applied > (content_rule_accounts_password_pam_retry) > > * Mount option var temp bind check failing, despite being applied > (content_rule_mount_option_var_tmp_bind) > > Features Request: > > * In the html report, add a Group rules by "STIG number" > "RHEL-07-TBD" > > Thank you so much for your work on this! > > [Astronics-BT-Logo-Signature]<http://www.ballardtech.com/> > Molly Jo Bault | Design Engineer > 11400 Airport Rd Ste 201 | Everett, WA 98204 | USA | P: +1.425.339.0281 x123 > | F: +1.425.339.0915
Hi Molly, your patch looks awesome, kudos! We use the github pull request workflow when reviewing and accepting changes. Would you please consider splitting the patch up into smaller commits and submitting a pull request at https://github.com/OpenSCAP/scap-security-guide ? That would make it much easier for us to run continuous integration tests, review and merge. -- Martin Preisler Identity Management and Platform Security | Red Hat, Inc. -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected] https://github.com/OpenSCAP/scap-security-guide/
