Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Current 4.2.3 Ensure permissions on all logfiles are configured remediation will break RHEL8 #128

Closed
MarcoV-git opened this issue Aug 2, 2021 · 2 comments
Closed

Current 4.2.3 Ensure permissions on all logfiles are configured remediation will break RHEL8 #128

MarcoV-git opened this issue Aug 2, 2021 · 2 comments
Assignees
@georgenalen
Labels
bug Something isn't working

Comments

@MarcoV-git
Copy link
Contributor

Guys,

The CIS version v1.0.0.1 remediation will break an existing RHEL8 build; the remediation step:
find /var/log -type f -exec chmod g-wx,o-rwx "{}" + -o -type d -exec chmod g-w,o-rwx "{}" +
is not valid for Fedora and RHEL.

This has been fixed in the CIS v1.0.1 standard. It has been updated to:
find /var/log/ -type f -perm /g+wx,o+rwx -exec chmod g-wx,o-rwx "{}" +

Please update your code in both version tags... ;-))
@georgenalen georgenalen self-assigned this Aug 4, 2021
@georgenalen georgenalen added the bug Something isn't working label Aug 4, 2021
@georgenalen
Copy link
Contributor

@MarcoV-git,
Thanks for the find and fix. We are working on updating to the latest benchmarks and this will be added into that work. Again thanks for alerting us on issues like this one. It helps improve the project, especially if the issue is something wrong in the benchmark. Those aren't as easy to catch on the fly when creating the remediation steps.

-George

georgenalen added a commit that referenced this issue Sep 10, 2021
@georgenalen
Issue #128 Fix
1cefa00 
Signed-off-by: George Nalen <georgen@mindpointgroup.com>
@georgenalen georgenalen mentioned this issue Sep 10, 2021
Merged
@georgenalen
Copy link
Contributor

This issue was resolved in release 1.4.0

@georgenalen georgenalen mentioned this issue Apr 11, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@georgenalen georgenalen

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@georgenalen @MarcoV-git