fyi - invasive directory reshuffle, introducing RHEL7 tree
by Shawn Wells
To support multiple releases of RHEL, we've changed the directory
structure some:
- RHEL6 --> RHEL/{6 7}/
- RHEL6 references --> shared/references/
The patch for this reshuffle was ~22MB, hence not mailing to the list
first. Dave Smith reviewed to ensure things didn't break.
A git pull should expose the new directory structure. Skeleton content
for RHEL7 was added, however NOT included in the RPM build yet. Those
familiar with the RHEL6 build process should find everything the same
under RHEL7 (e.g. make content, make tables, etc).
Many are working on porting base RHEL7 content over the holidays,
aspiring for a new years RHEL RPM release. Please be sure to get any
strangling patches in before then :)
10 years, 5 months
[PATCH] [Fedora] Bump version to 0.1.4.
by Jan Lieskovsky
Bump Fedora version to 0.1.4 (merging previous
0.1.4-rc* changelog entries under final 0.1.4 one).
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
10 years, 5 months
[PATCH] [Fedora] Add shared remediation for sshd set idle timeout
by Jan Lieskovsky
This patch adds shared remediation for sshd set idle timeout rule.
Tested on Fedora and pushed to master (it's the last one of the four
sshd remediation intended for new Fedora release).
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
10 years, 5 months
[RFC] Rename stig-rhel6-server to stig-rhel6-server-upstream?
by Shawn Wells
SSG enjoys a fantastic working relationship with DISA FSO, however in
aspirations to clearly delineate between the upstream STIG profile (e.g.
that of SSG) and the formal STIG (listed on iase.disa.mil), I'd like to
rename to stig-rhel6-server-upstream.
Many community members realize the upstream->downstream relationship,
however I'd like to re-enforce this through the profile name itself.
Thoughts? Objections?
10 years, 5 months
Profile Creation Rational
by joescap@mm.st
This is just a curiosity question. In the ssg-rhel6-xccdf.xml there are
several profiles listed: common, server, stig-rhel6-server,
usgcb-rhel6-server among others. I was curios how the tests for each
profile was selected, especially the stig-rhel6-server and
usgcb-rhel6-server. Was this the consensus of a group of SMEs? Also,
is there anything out there that documents why some tests were included
and others were not. As I said, just curious about the process. Thanks
10 years, 5 months