diff --git a/tests/data/product_stability/alinux2.yml b/tests/data/product_stability/alinux2.yml index c4b2080211fc..812dd091d542 100644 --- a/tests/data/product_stability/alinux2.yml +++ b/tests/data/product_stability/alinux2.yml @@ -9,10 +9,10 @@ benchmark_id: ALINUX-2 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- alinux2: - check_id: installed_OS_is_alinux2 - name: cpe:/o:alinux:alibaba_cloud_linux:2 - title: Alibaba Cloud Linux 2 + - alinux2: + check_id: installed_OS_is_alinux2 + name: cpe:/o:alinux:alibaba_cloud_linux:2 + title: Alibaba Cloud Linux 2 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/alinux3.yml b/tests/data/product_stability/alinux3.yml index 707f997eeb4f..65bc47fbf5bf 100644 --- a/tests/data/product_stability/alinux3.yml +++ b/tests/data/product_stability/alinux3.yml @@ -9,10 +9,10 @@ benchmark_id: ALINUX-3 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- alinux3: - check_id: installed_OS_is_alinux3 - name: cpe:/o:alinux:alibaba_cloud_linux:3 - title: Alibaba Cloud Linux 3 + - alinux3: + check_id: installed_OS_is_alinux3 + name: cpe:/o:alinux:alibaba_cloud_linux:3 + title: Alibaba Cloud Linux 3 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/anolis23.yml b/tests/data/product_stability/anolis23.yml new file mode 100644 index 000000000000..499b90314b3f --- /dev/null +++ b/tests/data/product_stability/anolis23.yml @@ -0,0 +1,74 @@ +aide_also_checks_audispd: 'yes' +aide_also_checks_rsyslog: 'no' +aide_bin_path: /usr/sbin/aide +aide_conf_path: /etc/aide.conf +audisp_conf_path: /etc/audit +auid: 1000 +basic_properties_derived: true +benchmark_id: ANOLIS-23 +benchmark_root: ../../linux_os/guide +chrony_conf_path: /etc/chrony.conf +cpes: + - anolis23: + check_id: installed_OS_is_anolis23 + name: cpe:/o:anolis:anolis_os:23 + title: Anolis OS 23 +cpes_root: ../../shared/applicability +dconf_gdm_dir: gdm.d +faillock_path: /var/run/faillock +full_name: Anolis OS 23 +gid_min: 1000 +groups: {} +grub2_boot_path: /boot/grub2 +grub2_uefi_boot_path: /boot/grub2 +grub_helper_executable: grubby +init_system: systemd +nobody_gid: 65534 +nobody_uid: 65534 +pkg_manager: yum +pkg_manager_config_file: /etc/yum.conf +pkg_system: rpm +platform_package_overrides: + aarch64_arch: null + grub2: grub2-common + login_defs: shadow-utils + no_ovirt: null + non-uefi: null + not_aarch64_arch: null + not_s390x_arch: null + ovirt: null + s390x_arch: null + sssd: sssd-common + sssd-ldap: null + uefi: null + zipl: s390utils-base +product: anolis23 +profiles_root: ./profiles +reference_uris: + anssi: http://www.ssi.gouv.fr/administration/bonnes-pratiques/ + app-srg: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=application-servers + cis-csc: https://www.cisecurity.org/controls/ + cjis: https://www.fbi.gov/file-repository/cjis-security-policy-v5_5_20160601-2-1.pdf + cnss: http://www.cnss.gov/Assets/pdf/CNSSI-1253.pdf + cobit5: https://www.isaca.org/resources/cobit + cui: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf + dcid: not_officially_available + disa: https://public.cyber.mil/stigs/cci/ + hipaa: https://www.gpo.gov/fdsys/pkg/CFR-2007-title45-vol1/pdf/CFR-2007-title45-vol1-chapA-subchapC.pdf + isa-62443-2009: https://www.isa.org/products/isa-62443-2-1-2009-security-for-industrial-automat + isa-62443-2013: https://www.isa.org/products/ansi-isa-62443-3-3-99-03-03-2013-security-for-indu + ism: https://www.cyber.gov.au/acsc/view-all-content/ism + iso27001-2013: https://www.iso.org/standard/54534.html + nerc-cip: https://www.nerc.com/pa/Stand/Standard%20Purpose%20Statement%20DL/US_Standard_One-Stop-Shop.xlsx + nist: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf + nist-csf: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf + os-srg: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os + ospp: https://www.niap-ccevs.org/Profile/PP.cfm + pcidss: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf + pcidss4: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf + stigid: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux + stigref: https://public.cyber.mil/stigs/srg-stig-tools/ +sshd_distributed_config: 'false' +sysctl_remediate_drop_in_file: 'false' +type: platform +uid_min: 1000 diff --git a/tests/data/product_stability/anolis8.yml b/tests/data/product_stability/anolis8.yml index 00b6b365bc55..22a9583a5ee1 100644 --- a/tests/data/product_stability/anolis8.yml +++ b/tests/data/product_stability/anolis8.yml @@ -9,10 +9,10 @@ benchmark_id: ANOLIS-8 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- anolis8: - check_id: installed_OS_is_anolis8 - name: cpe:/o:anolis:anolis_os:8 - title: Anolis OS 8 + - anolis8: + check_id: installed_OS_is_anolis8 + name: cpe:/o:anolis:anolis_os:8 + title: Anolis OS 8 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/chromium.yml b/tests/data/product_stability/chromium.yml index 2edc4217abfe..29587ace5367 100644 --- a/tests/data/product_stability/chromium.yml +++ b/tests/data/product_stability/chromium.yml @@ -9,10 +9,10 @@ benchmark_id: CHROMIUM benchmark_root: ./guide chrony_conf_path: /etc/chrony.conf cpes: -- chromium: - check_id: installed_app_is_chromium - name: cpe:/a:google:chromium-browser - title: Google Chromium Browser + - chromium: + check_id: installed_app_is_chromium + name: cpe:/a:google:chromium-browser + title: Google Chromium Browser cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/debian10.yml b/tests/data/product_stability/debian10.yml index ea12af41272c..528a269409ce 100644 --- a/tests/data/product_stability/debian10.yml +++ b/tests/data/product_stability/debian10.yml @@ -9,16 +9,16 @@ benchmark_id: DEBIAN-10 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony/chrony.conf cpes: -- debian10: - check_id: installed_OS_is_debian10 - name: cpe:/o:debian:debian_linux:10 - title: Debian Linux 10 + - debian10: + check_id: installed_OS_is_debian10 + name: cpe:/o:debian:debian_linux:10 + title: Debian Linux 10 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- debian -- debian-like + - debian + - debian-like full_name: Debian 10 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/debian11.yml b/tests/data/product_stability/debian11.yml index 56e859e16f39..beda00ed7dd3 100644 --- a/tests/data/product_stability/debian11.yml +++ b/tests/data/product_stability/debian11.yml @@ -9,16 +9,16 @@ benchmark_id: DEBIAN-11 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- debian11: - check_id: installed_OS_is_debian11 - name: cpe:/o:debian:debian_linux:11 - title: Debian Linux 11 + - debian11: + check_id: installed_OS_is_debian11 + name: cpe:/o:debian:debian_linux:11 + title: Debian Linux 11 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- debian -- debian-like + - debian + - debian-like full_name: Debian 11 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/eks.yml b/tests/data/product_stability/eks.yml index a33cf8b69c8c..ea4553ee1b51 100644 --- a/tests/data/product_stability/eks.yml +++ b/tests/data/product_stability/eks.yml @@ -9,18 +9,18 @@ benchmark_id: EKS benchmark_root: ../../applications chrony_conf_path: /etc/chrony.conf cpes: -- eks: - check_id: installed_app_is_eks - name: cpe:/a:amazon:elastic_kubernetes_service:1 - title: Amazon Elastic Kubernetes Service -- eks-node: - check_id: installed_app_is_eks_node - name: cpe:/o:amazon:elastic_kubernetes_service_node:1 - title: Amazon Elastic Kubernetes Service Node -- eks-1.21: - check_id: installed_app_is_eks_1_21 - name: cpe:/a:amazon:elastic_kubernetes_service_node:1.21 - title: Amazon Elastic Kubernetes Service 1.21 + - eks: + check_id: installed_app_is_eks + name: cpe:/a:amazon:elastic_kubernetes_service:1 + title: Amazon Elastic Kubernetes Service + - eks-node: + check_id: installed_app_is_eks_node + name: cpe:/o:amazon:elastic_kubernetes_service_node:1 + title: Amazon Elastic Kubernetes Service Node + - eks-1.21: + check_id: installed_app_is_eks_1_21 + name: cpe:/a:amazon:elastic_kubernetes_service_node:1.21 + title: Amazon Elastic Kubernetes Service 1.21 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/example.yml b/tests/data/product_stability/example.yml index 5a9c8fee77ef..4a63a11020b3 100644 --- a/tests/data/product_stability/example.yml +++ b/tests/data/product_stability/example.yml @@ -10,10 +10,10 @@ benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf components_root: ../../components cpes: -- example: - check_id: installed_OS_is_part_of_Unix_family - name: cpe:/o:example - title: Example + - example: + check_id: installed_OS_is_part_of_Unix_family + name: cpe:/o:example + title: Example cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/fedora.yml b/tests/data/product_stability/fedora.yml index 999a78ec3172..2b90aeeb6fa0 100644 --- a/tests/data/product_stability/fedora.yml +++ b/tests/data/product_stability/fedora.yml @@ -10,26 +10,26 @@ benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf components_root: ../../components cpes: -- fedora_40: - check_id: installed_OS_is_fedora - name: cpe:/o:fedoraproject:fedora:40 - title: Fedora 40 -- fedora_39: - check_id: installed_OS_is_fedora - name: cpe:/o:fedoraproject:fedora:39 - title: Fedora 39 -- fedora_38: - check_id: installed_OS_is_fedora - name: cpe:/o:fedoraproject:fedora:38 - title: Fedora 38 -- fedora_37: - check_id: installed_OS_is_fedora - name: cpe:/o:fedoraproject:fedora:37 - title: Fedora 37 -- fedora_36: - check_id: installed_OS_is_fedora - name: cpe:/o:fedoraproject:fedora:36 - title: Fedora 36 + - fedora_40: + check_id: installed_OS_is_fedora + name: cpe:/o:fedoraproject:fedora:40 + title: Fedora 40 + - fedora_39: + check_id: installed_OS_is_fedora + name: cpe:/o:fedoraproject:fedora:39 + title: Fedora 39 + - fedora_38: + check_id: installed_OS_is_fedora + name: cpe:/o:fedoraproject:fedora:38 + title: Fedora 38 + - fedora_37: + check_id: installed_OS_is_fedora + name: cpe:/o:fedoraproject:fedora:37 + title: Fedora 37 + - fedora_36: + check_id: installed_OS_is_fedora + name: cpe:/o:fedoraproject:fedora:36 + title: Fedora 36 cpes_root: ../../shared/applicability dconf_gdm_dir: distro.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/firefox.yml b/tests/data/product_stability/firefox.yml index dd47051ac650..9a792ad06ed9 100644 --- a/tests/data/product_stability/firefox.yml +++ b/tests/data/product_stability/firefox.yml @@ -9,10 +9,10 @@ benchmark_id: FIREFOX benchmark_root: ./guide chrony_conf_path: /etc/chrony.conf cpes: -- firefox: - check_id: installed_app_is_firefox - name: cpe:/a:mozilla:firefox - title: Mozilla Firefox + - firefox: + check_id: installed_app_is_firefox + name: cpe:/a:mozilla:firefox + title: Mozilla Firefox cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/macos1015.yml b/tests/data/product_stability/macos1015.yml index 755ab61f99ff..7919ea9d646d 100644 --- a/tests/data/product_stability/macos1015.yml +++ b/tests/data/product_stability/macos1015.yml @@ -9,10 +9,10 @@ benchmark_id: macOS-1015 benchmark_root: ../../apple_os/ chrony_conf_path: /etc/chrony.conf cpes: -- macos15: - check_id: installed_OS_is_macos1015 - name: cpe:/o:apple:macos:10.15 - title: Apple macOS 10.15 + - macos15: + check_id: installed_OS_is_macos1015 + name: cpe:/o:apple:macos:10.15 + title: Apple macOS 10.15 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/ocp4.yml b/tests/data/product_stability/ocp4.yml index a56860903734..9eaa860f87a1 100644 --- a/tests/data/product_stability/ocp4.yml +++ b/tests/data/product_stability/ocp4.yml @@ -9,94 +9,94 @@ benchmark_id: OCP-4 benchmark_root: ../../applications chrony_conf_path: /etc/chrony.conf cpes: -- ocp4: - check_id: installed_app_is_ocp4 - name: cpe:/a:redhat:openshift_container_platform:4.1 - title: Red Hat OpenShift Container Platform 4 -- ocp4-node: - check_id: installed_app_is_ocp4_node - name: cpe:/o:redhat:openshift_container_platform_node:4 - title: Red Hat OpenShift Container Platform 4 Node -- ocp4-node-on-ovn: - check_id: installed_app_is_ocp4_node_on_openshift-ovn - name: cpe:/a:redhat:openshift_container_platform_node_on_ovn:4 - title: Red Hat OpenShift Container Platform 4 Node on OVN -- ocp4-node-on-sdn: - check_id: installed_app_is_ocp4_node_on_openshift-sdn - name: cpe:/a:redhat:openshift_container_platform_node_on_sdn:4 - title: Red Hat OpenShift Container Platform 4 Node on SDN -- ocp4.6: - check_id: installed_app_is_ocp4_6 - name: cpe:/a:redhat:openshift_container_platform:4.6 - title: Red Hat OpenShift Container Platform 4.6 -- ocp4.7: - check_id: installed_app_is_ocp4_7 - name: cpe:/a:redhat:openshift_container_platform:4.7 - title: Red Hat OpenShift Container Platform 4.7 -- ocp4.8: - check_id: installed_app_is_ocp4_8 - name: cpe:/a:redhat:openshift_container_platform:4.8 - title: Red Hat OpenShift Container Platform 4.8 -- ocp4.9: - check_id: installed_app_is_ocp4_9 - name: cpe:/a:redhat:openshift_container_platform:4.9 - title: Red Hat OpenShift Container Platform 4.9 -- ocp4.10: - check_id: installed_app_is_ocp4_10 - name: cpe:/a:redhat:openshift_container_platform:4.10 - title: Red Hat OpenShift Container Platform 4.10 -- ocp4.11: - check_id: installed_app_is_ocp4_11 - name: cpe:/a:redhat:openshift_container_platform:4.11 - title: Red Hat OpenShift Container Platform 4.11 -- ocp4.12: - check_id: installed_app_is_ocp4_12 - name: cpe:/a:redhat:openshift_container_platform:4.12 - title: Red Hat OpenShift Container Platform 4.12 -- ocp4.13: - check_id: installed_app_is_ocp4_13 - name: cpe:/a:redhat:openshift_container_platform:4.13 - title: Red Hat OpenShift Container Platform 4.13 -- ocp4.14: - check_id: installed_app_is_ocp4_14 - name: cpe:/a:redhat:openshift_container_platform:4.14 - title: Red Hat OpenShift Container Platform 4.14 -- ocp4.15: - check_id: installed_app_is_ocp4_15 - name: cpe:/a:redhat:openshift_container_platform:4.15 - title: Red Hat OpenShift Container Platform 4.15 -- ocp4.16: - check_id: installed_app_is_ocp4_16 - name: cpe:/a:redhat:openshift_container_platform:4.16 - title: Red Hat OpenShift Container Platform 4.16 -- ocp4.17: - check_id: installed_app_is_ocp4_17 - name: cpe:/a:redhat:openshift_container_platform:4.17 - title: Red Hat OpenShift Container Platform 4.17 -- ocp4.18: - check_id: installed_app_is_ocp4_18 - name: cpe:/a:redhat:openshift_container_platform:4.18 - title: Red Hat OpenShift Container Platform 4.18 -- ocp4-on-aws: - check_id: installed_app_is_ocp4_on_aws - name: cpe:/a:redhat:openshift_container_platform_on_aws:4 - title: Red Hat OpenShift Container Platform 4 on AWS -- ocp4-on-azure: - check_id: installed_app_is_ocp4_on_azure - name: cpe:/a:redhat:openshift_container_platform_on_azure:4 - title: Red Hat OpenShift Container Platform 4 on Azure -- ocp4-on-gcp: - check_id: installed_app_is_ocp4_on_gcp - name: cpe:/a:redhat:openshift_container_platform_on_gcp:4 - title: Red Hat OpenShift Container Platform 4 on GCP -- ocp4-on-ovn: - check_id: installed_app_is_ocp4_on_openshiftovn - name: cpe:/a:redhat:openshift_container_platform_on_ovn:4 - title: Red Hat OpenShift Container Platform 4 on OVN -- ocp4-on-sdn: - check_id: installed_app_is_ocp4_on_openshiftsdn - name: cpe:/a:redhat:openshift_container_platform_on_sdn:4 - title: Red Hat OpenShift Container Platform 4 on SDN + - ocp4: + check_id: installed_app_is_ocp4 + name: cpe:/a:redhat:openshift_container_platform:4.1 + title: Red Hat OpenShift Container Platform 4 + - ocp4-node: + check_id: installed_app_is_ocp4_node + name: cpe:/o:redhat:openshift_container_platform_node:4 + title: Red Hat OpenShift Container Platform 4 Node + - ocp4-node-on-ovn: + check_id: installed_app_is_ocp4_node_on_openshift-ovn + name: cpe:/a:redhat:openshift_container_platform_node_on_ovn:4 + title: Red Hat OpenShift Container Platform 4 Node on OVN + - ocp4-node-on-sdn: + check_id: installed_app_is_ocp4_node_on_openshift-sdn + name: cpe:/a:redhat:openshift_container_platform_node_on_sdn:4 + title: Red Hat OpenShift Container Platform 4 Node on SDN + - ocp4.6: + check_id: installed_app_is_ocp4_6 + name: cpe:/a:redhat:openshift_container_platform:4.6 + title: Red Hat OpenShift Container Platform 4.6 + - ocp4.7: + check_id: installed_app_is_ocp4_7 + name: cpe:/a:redhat:openshift_container_platform:4.7 + title: Red Hat OpenShift Container Platform 4.7 + - ocp4.8: + check_id: installed_app_is_ocp4_8 + name: cpe:/a:redhat:openshift_container_platform:4.8 + title: Red Hat OpenShift Container Platform 4.8 + - ocp4.9: + check_id: installed_app_is_ocp4_9 + name: cpe:/a:redhat:openshift_container_platform:4.9 + title: Red Hat OpenShift Container Platform 4.9 + - ocp4.10: + check_id: installed_app_is_ocp4_10 + name: cpe:/a:redhat:openshift_container_platform:4.10 + title: Red Hat OpenShift Container Platform 4.10 + - ocp4.11: + check_id: installed_app_is_ocp4_11 + name: cpe:/a:redhat:openshift_container_platform:4.11 + title: Red Hat OpenShift Container Platform 4.11 + - ocp4.12: + check_id: installed_app_is_ocp4_12 + name: cpe:/a:redhat:openshift_container_platform:4.12 + title: Red Hat OpenShift Container Platform 4.12 + - ocp4.13: + check_id: installed_app_is_ocp4_13 + name: cpe:/a:redhat:openshift_container_platform:4.13 + title: Red Hat OpenShift Container Platform 4.13 + - ocp4.14: + check_id: installed_app_is_ocp4_14 + name: cpe:/a:redhat:openshift_container_platform:4.14 + title: Red Hat OpenShift Container Platform 4.14 + - ocp4.15: + check_id: installed_app_is_ocp4_15 + name: cpe:/a:redhat:openshift_container_platform:4.15 + title: Red Hat OpenShift Container Platform 4.15 + - ocp4.16: + check_id: installed_app_is_ocp4_16 + name: cpe:/a:redhat:openshift_container_platform:4.16 + title: Red Hat OpenShift Container Platform 4.16 + - ocp4.17: + check_id: installed_app_is_ocp4_17 + name: cpe:/a:redhat:openshift_container_platform:4.17 + title: Red Hat OpenShift Container Platform 4.17 + - ocp4.18: + check_id: installed_app_is_ocp4_18 + name: cpe:/a:redhat:openshift_container_platform:4.18 + title: Red Hat OpenShift Container Platform 4.18 + - ocp4-on-aws: + check_id: installed_app_is_ocp4_on_aws + name: cpe:/a:redhat:openshift_container_platform_on_aws:4 + title: Red Hat OpenShift Container Platform 4 on AWS + - ocp4-on-azure: + check_id: installed_app_is_ocp4_on_azure + name: cpe:/a:redhat:openshift_container_platform_on_azure:4 + title: Red Hat OpenShift Container Platform 4 on Azure + - ocp4-on-gcp: + check_id: installed_app_is_ocp4_on_gcp + name: cpe:/a:redhat:openshift_container_platform_on_gcp:4 + title: Red Hat OpenShift Container Platform 4 on GCP + - ocp4-on-ovn: + check_id: installed_app_is_ocp4_on_openshiftovn + name: cpe:/a:redhat:openshift_container_platform_on_ovn:4 + title: Red Hat OpenShift Container Platform 4 on OVN + - ocp4-on-sdn: + check_id: installed_app_is_ocp4_on_openshiftsdn + name: cpe:/a:redhat:openshift_container_platform_on_sdn:4 + title: Red Hat OpenShift Container Platform 4 on SDN cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/ol7.yml b/tests/data/product_stability/ol7.yml index 8adcbf8f32ab..42c3b9a200bd 100644 --- a/tests/data/product_stability/ol7.yml +++ b/tests/data/product_stability/ol7.yml @@ -9,16 +9,16 @@ benchmark_id: OL-7 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- ol7: - check_id: installed_OS_is_ol7_family - name: cpe:/o:oracle:linux:7 - title: Oracle Linux 7 + - ol7: + check_id: installed_OS_is_ol7_family + name: cpe:/o:oracle:linux:7 + title: Oracle Linux 7 cpes_root: ../../shared/applicability dconf_gdm_dir: local.d faillock_path: /var/run/faillock families: -- rhel-like -- ol + - rhel-like + - ol full_name: Oracle Linux 7 gid_min: 1000 groups: diff --git a/tests/data/product_stability/ol8.yml b/tests/data/product_stability/ol8.yml index 674d08b4a26a..5c87c7c5943d 100644 --- a/tests/data/product_stability/ol8.yml +++ b/tests/data/product_stability/ol8.yml @@ -9,16 +9,16 @@ benchmark_id: OL-8 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- ol8: - check_id: installed_OS_is_ol8_family - name: cpe:/o:oracle:linux:8 - title: Oracle Linux 8 + - ol8: + check_id: installed_OS_is_ol8_family + name: cpe:/o:oracle:linux:8 + title: Oracle Linux 8 cpes_root: ../../shared/applicability dconf_gdm_dir: local.d faillock_path: /var/log/faillock families: -- rhel-like -- ol + - rhel-like + - ol full_name: Oracle Linux 8 gid_min: 1000 groups: diff --git a/tests/data/product_stability/ol9.yml b/tests/data/product_stability/ol9.yml index 3d08bd8e2abd..d4a864c614a0 100644 --- a/tests/data/product_stability/ol9.yml +++ b/tests/data/product_stability/ol9.yml @@ -12,16 +12,16 @@ benchmark_id: OL-9 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- ol9: - check_id: installed_OS_is_ol9_family - name: cpe:/o:oracle:linux:9 - title: Oracle Linux 9 + - ol9: + check_id: installed_OS_is_ol9_family + name: cpe:/o:oracle:linux:9 + title: Oracle Linux 9 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/log/faillock families: -- rhel-like -- ol + - rhel-like + - ol full_name: Oracle Linux 9 gid_min: 1000 groups: diff --git a/tests/data/product_stability/openembedded.yml b/tests/data/product_stability/openembedded.yml new file mode 100644 index 000000000000..1cd39d54a16c --- /dev/null +++ b/tests/data/product_stability/openembedded.yml @@ -0,0 +1,78 @@ +aide_also_checks_audispd: 'yes' +aide_also_checks_rsyslog: 'no' +aide_bin_path: /usr/sbin/aide +aide_conf_path: /etc/aide.conf +audisp_conf_path: /etc/audit +auid: 1000 +basic_properties_derived: true +benchmark_id: OPENEMBEDDED +benchmark_root: ../../linux_os/guide +chrony_conf_path: /etc/chrony.conf +cpes: + - openembedded: + check_id: installed_OS_is_openembedded + name: 'cpe:/o:openembedded:nodistro:' + title: OpenEmbedded nodistro + - poky: + check_id: installed_OS_is_poky + name: 'cpe:/o:openembedded:poky:' + title: OpenEmbedded Poky reference distribution +cpes_root: ../../shared/applicability +dconf_gdm_dir: gdm.d +faillock_path: /var/run/faillock +full_name: OpemEmbedded +gid_min: 1000 +groups: {} +grub2_boot_path: /boot/grub2 +grub2_uefi_boot_path: /boot/grub2 +grub_helper_executable: grubby +init_system: systemd +nobody_gid: 65534 +nobody_uid: 65534 +pkg_manager: dnf +pkg_manager_config_file: /etc/dnf/dnf.conf +pkg_system: rpm +platform_package_overrides: + aarch64_arch: null + grub2: grub2-common + login_defs: login + no_ovirt: null + non-uefi: null + not_aarch64_arch: null + not_s390x_arch: null + ovirt: null + s390x_arch: null + sssd: sssd-common + sssd-ldap: null + uefi: null + zipl: s390utils-base +product: openembedded +profiles_root: ./profiles +reference_uris: + anssi: http://www.ssi.gouv.fr/administration/bonnes-pratiques/ + app-srg: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=application-servers + cis-csc: https://www.cisecurity.org/controls/ + cjis: https://www.fbi.gov/file-repository/cjis-security-policy-v5_5_20160601-2-1.pdf + cnss: http://www.cnss.gov/Assets/pdf/CNSSI-1253.pdf + cobit5: https://www.isaca.org/resources/cobit + cui: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf + dcid: not_officially_available + disa: https://public.cyber.mil/stigs/cci/ + hipaa: https://www.gpo.gov/fdsys/pkg/CFR-2007-title45-vol1/pdf/CFR-2007-title45-vol1-chapA-subchapC.pdf + isa-62443-2009: https://www.isa.org/products/isa-62443-2-1-2009-security-for-industrial-automat + isa-62443-2013: https://www.isa.org/products/ansi-isa-62443-3-3-99-03-03-2013-security-for-indu + ism: https://www.cyber.gov.au/acsc/view-all-content/ism + iso27001-2013: https://www.iso.org/standard/54534.html + nerc-cip: https://www.nerc.com/pa/Stand/Standard%20Purpose%20Statement%20DL/US_Standard_One-Stop-Shop.xlsx + nist: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf + nist-csf: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf + os-srg: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os + ospp: https://www.niap-ccevs.org/Profile/PP.cfm + pcidss: https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf + pcidss4: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf + stigid: https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux + stigref: https://public.cyber.mil/stigs/srg-stig-tools/ +sshd_distributed_config: 'false' +sysctl_remediate_drop_in_file: 'false' +type: platform +uid_min: 1000 diff --git a/tests/data/product_stability/opensuse.yml b/tests/data/product_stability/opensuse.yml index 160f838ce4cc..17caad471b89 100644 --- a/tests/data/product_stability/opensuse.yml +++ b/tests/data/product_stability/opensuse.yml @@ -9,22 +9,22 @@ benchmark_id: OPENSUSE benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- opensuse-42.1: - check_id: installed_OS_is_opensuse_leap42 - name: cpe:/o:opensuse:leap:42.1 - title: openSUSE Leap 42.1 -- opensuse-42.2: - check_id: installed_OS_is_opensuse_leap42 - name: cpe:/o:opensuse:leap:42.2 - title: openSUSE Leap 42.2 -- opensuse-42.3: - check_id: installed_OS_is_opensuse_leap42 - name: cpe:/o:opensuse:leap:42.3 - title: openSUSE Leap 42.3 -- opensuse-15: - check_id: installed_OS_is_opensuse_leap15 - name: cpe:/o:opensuse:leap:15.0 - title: openSUSE Leap 15.0 + - opensuse-42.1: + check_id: installed_OS_is_opensuse_leap42 + name: cpe:/o:opensuse:leap:42.1 + title: openSUSE Leap 42.1 + - opensuse-42.2: + check_id: installed_OS_is_opensuse_leap42 + name: cpe:/o:opensuse:leap:42.2 + title: openSUSE Leap 42.2 + - opensuse-42.3: + check_id: installed_OS_is_opensuse_leap42 + name: cpe:/o:opensuse:leap:42.3 + title: openSUSE Leap 42.3 + - opensuse-15: + check_id: installed_OS_is_opensuse_leap15 + name: cpe:/o:opensuse:leap:15.0 + title: openSUSE Leap 15.0 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/rhcos4.yml b/tests/data/product_stability/rhcos4.yml index 9aafe305aff6..20cb7910dc3f 100644 --- a/tests/data/product_stability/rhcos4.yml +++ b/tests/data/product_stability/rhcos4.yml @@ -9,10 +9,10 @@ benchmark_id: RHCOS-4 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- rhcos4: - check_id: installed_OS_is_rhcos4 - name: cpe:/o:redhat:enterprise_linux_coreos:4 - title: Red Hat Enterprise Linux CoreOS 4 + - rhcos4: + check_id: installed_OS_is_rhcos4 + name: cpe:/o:redhat:enterprise_linux_coreos:4 + title: Red Hat Enterprise Linux CoreOS 4 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/rhel7.yml b/tests/data/product_stability/rhel7.yml index f1fca36c0c2e..bf716cd4ee32 100644 --- a/tests/data/product_stability/rhel7.yml +++ b/tests/data/product_stability/rhel7.yml @@ -16,32 +16,32 @@ centos_pkg_version: f4a80eb5 chrony_conf_path: /etc/chrony.conf components_root: ../../components cpes: -- rhel7: - check_id: installed_OS_is_rhel7 - name: cpe:/o:redhat:enterprise_linux:7 - title: Red Hat Enterprise Linux 7 -- rhel7-server: - check_id: installed_OS_is_rhel7 - name: cpe:/o:redhat:enterprise_linux:7::server - title: Red Hat Enterprise Linux 7 Server -- rhel7-client: - check_id: installed_OS_is_rhel7 - name: cpe:/o:redhat:enterprise_linux:7::client - title: Red Hat Enterprise Linux 7 Client -- rhel7-computenode: - check_id: installed_OS_is_rhel7 - name: cpe:/o:redhat:enterprise_linux:7::computenode - title: Red Hat Enterprise Linux 7 ComputeNode -- rhel7-workstation: - check_id: installed_OS_is_rhel7 - name: cpe:/o:redhat:enterprise_linux:7::workstation - title: Red Hat Enterprise Linux 7 Workstation + - rhel7: + check_id: installed_OS_is_rhel7 + name: cpe:/o:redhat:enterprise_linux:7 + title: Red Hat Enterprise Linux 7 + - rhel7-server: + check_id: installed_OS_is_rhel7 + name: cpe:/o:redhat:enterprise_linux:7::server + title: Red Hat Enterprise Linux 7 Server + - rhel7-client: + check_id: installed_OS_is_rhel7 + name: cpe:/o:redhat:enterprise_linux:7::client + title: Red Hat Enterprise Linux 7 Client + - rhel7-computenode: + check_id: installed_OS_is_rhel7 + name: cpe:/o:redhat:enterprise_linux:7::computenode + title: Red Hat Enterprise Linux 7 ComputeNode + - rhel7-workstation: + check_id: installed_OS_is_rhel7 + name: cpe:/o:redhat:enterprise_linux:7::workstation + title: Red Hat Enterprise Linux 7 Workstation cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- rhel -- rhel-like + - rhel + - rhel-like full_name: Red Hat Enterprise Linux 7 gid_min: 1000 groups: diff --git a/tests/data/product_stability/rhel8.yml b/tests/data/product_stability/rhel8.yml index 592d6dcd74ba..fca32991a8bf 100644 --- a/tests/data/product_stability/rhel8.yml +++ b/tests/data/product_stability/rhel8.yml @@ -16,60 +16,60 @@ centos_pkg_version: 8483c65d chrony_conf_path: /etc/chrony.conf components_root: ../../components cpes: -- rhel8: - check_id: installed_OS_is_rhel8 - name: cpe:/o:redhat:enterprise_linux:8 - title: Red Hat Enterprise Linux 8 -- rhel8.0: - check_id: installed_OS_is_rhel8_0 - name: cpe:/o:redhat:enterprise_linux:8.0 - title: Red Hat Enterprise Linux 8.0 -- rhel8.1: - check_id: installed_OS_is_rhel8_1 - name: cpe:/o:redhat:enterprise_linux:8.1 - title: Red Hat Enterprise Linux 8.1 -- rhel8.2: - check_id: installed_OS_is_rhel8_2 - name: cpe:/o:redhat:enterprise_linux:8.2 - title: Red Hat Enterprise Linux 8.2 -- rhel8.3: - check_id: installed_OS_is_rhel8_3 - name: cpe:/o:redhat:enterprise_linux:8.3 - title: Red Hat Enterprise Linux 8.3 -- rhel8.4: - check_id: installed_OS_is_rhel8_4 - name: cpe:/o:redhat:enterprise_linux:8.4 - title: Red Hat Enterprise Linux 8.4 -- rhel8.5: - check_id: installed_OS_is_rhel8_5 - name: cpe:/o:redhat:enterprise_linux:8.5 - title: Red Hat Enterprise Linux 8.5 -- rhel8.6: - check_id: installed_OS_is_rhel8_6 - name: cpe:/o:redhat:enterprise_linux:8.6 - title: Red Hat Enterprise Linux 8.6 -- rhel8.7: - check_id: installed_OS_is_rhel8_7 - name: cpe:/o:redhat:enterprise_linux:8.7 - title: Red Hat Enterprise Linux 8.7 -- rhel8.8: - check_id: installed_OS_is_rhel8_8 - name: cpe:/o:redhat:enterprise_linux:8.8 - title: Red Hat Enterprise Linux 8.8 -- rhel8.9: - check_id: installed_OS_is_rhel8_9 - name: cpe:/o:redhat:enterprise_linux:8.9 - title: Red Hat Enterprise Linux 8.9 -- rhel8.10: - check_id: installed_OS_is_rhel8_10 - name: cpe:/o:redhat:enterprise_linux:8.10 - title: Red Hat Enterprise Linux 8.10 + - rhel8: + check_id: installed_OS_is_rhel8 + name: cpe:/o:redhat:enterprise_linux:8 + title: Red Hat Enterprise Linux 8 + - rhel8.0: + check_id: installed_OS_is_rhel8_0 + name: cpe:/o:redhat:enterprise_linux:8.0 + title: Red Hat Enterprise Linux 8.0 + - rhel8.1: + check_id: installed_OS_is_rhel8_1 + name: cpe:/o:redhat:enterprise_linux:8.1 + title: Red Hat Enterprise Linux 8.1 + - rhel8.2: + check_id: installed_OS_is_rhel8_2 + name: cpe:/o:redhat:enterprise_linux:8.2 + title: Red Hat Enterprise Linux 8.2 + - rhel8.3: + check_id: installed_OS_is_rhel8_3 + name: cpe:/o:redhat:enterprise_linux:8.3 + title: Red Hat Enterprise Linux 8.3 + - rhel8.4: + check_id: installed_OS_is_rhel8_4 + name: cpe:/o:redhat:enterprise_linux:8.4 + title: Red Hat Enterprise Linux 8.4 + - rhel8.5: + check_id: installed_OS_is_rhel8_5 + name: cpe:/o:redhat:enterprise_linux:8.5 + title: Red Hat Enterprise Linux 8.5 + - rhel8.6: + check_id: installed_OS_is_rhel8_6 + name: cpe:/o:redhat:enterprise_linux:8.6 + title: Red Hat Enterprise Linux 8.6 + - rhel8.7: + check_id: installed_OS_is_rhel8_7 + name: cpe:/o:redhat:enterprise_linux:8.7 + title: Red Hat Enterprise Linux 8.7 + - rhel8.8: + check_id: installed_OS_is_rhel8_8 + name: cpe:/o:redhat:enterprise_linux:8.8 + title: Red Hat Enterprise Linux 8.8 + - rhel8.9: + check_id: installed_OS_is_rhel8_9 + name: cpe:/o:redhat:enterprise_linux:8.9 + title: Red Hat Enterprise Linux 8.9 + - rhel8.10: + check_id: installed_OS_is_rhel8_10 + name: cpe:/o:redhat:enterprise_linux:8.10 + title: Red Hat Enterprise Linux 8.10 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/log/faillock families: -- rhel -- rhel-like + - rhel + - rhel-like full_name: Red Hat Enterprise Linux 8 gid_min: 1000 groups: diff --git a/tests/data/product_stability/rhel9.yml b/tests/data/product_stability/rhel9.yml index 0d8cb7faef83..219a052404e0 100644 --- a/tests/data/product_stability/rhel9.yml +++ b/tests/data/product_stability/rhel9.yml @@ -16,16 +16,16 @@ centos_pkg_version: 8483c65d chrony_conf_path: /etc/chrony.conf components_root: ../../components cpes: -- rhel9: - check_id: installed_OS_is_rhel9 - name: cpe:/o:redhat:enterprise_linux:9 - title: Red Hat Enterprise Linux 9 + - rhel9: + check_id: installed_OS_is_rhel9 + name: cpe:/o:redhat:enterprise_linux:9 + title: Red Hat Enterprise Linux 9 cpes_root: ../../shared/applicability dconf_gdm_dir: distro.d faillock_path: /var/log/faillock families: -- rhel -- rhel-like + - rhel + - rhel-like full_name: Red Hat Enterprise Linux 9 gid_min: 1000 groups: diff --git a/tests/data/product_stability/rhv4.yml b/tests/data/product_stability/rhv4.yml index 6fdf28f548bb..750b86d6b156 100644 --- a/tests/data/product_stability/rhv4.yml +++ b/tests/data/product_stability/rhv4.yml @@ -12,14 +12,14 @@ benchmark_id: RHV-4 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- rhel8-host: - check_id: installed_OS_is_rhv4 - name: cpe:/o:redhat:enterprise_linux:8::hypervisor - title: Red Hat Virtualization 4 Host -- rhvm4: - check_id: installed_app_is_rhv4 - name: cpe:/a:redhat:enterprise_virtualization_manager:4 - title: Red Hat Virtualization 4 Manager + - rhel8-host: + check_id: installed_OS_is_rhv4 + name: cpe:/o:redhat:enterprise_linux:8::hypervisor + title: Red Hat Virtualization 4 Host + - rhvm4: + check_id: installed_app_is_rhv4 + name: cpe:/a:redhat:enterprise_virtualization_manager:4 + title: Red Hat Virtualization 4 Manager cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock diff --git a/tests/data/product_stability/sle12.yml b/tests/data/product_stability/sle12.yml index 1bfa582431f4..64d49c3c3f0a 100644 --- a/tests/data/product_stability/sle12.yml +++ b/tests/data/product_stability/sle12.yml @@ -9,19 +9,19 @@ benchmark_id: SLE-12 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- sle12-server: - check_id: installed_OS_is_sle12 - name: cpe:/o:suse:linux_enterprise_server:12 - title: SUSE Linux Enterprise Server 12 -- sle12-desktop: - check_id: installed_OS_is_sle12 - name: cpe:/o:suse:linux_enterprise_desktop:12 - title: SUSE Linux Enterprise Desktop 12 + - sle12-server: + check_id: installed_OS_is_sle12 + name: cpe:/o:suse:linux_enterprise_server:12 + title: SUSE Linux Enterprise Server 12 + - sle12-desktop: + check_id: installed_OS_is_sle12 + name: cpe:/o:suse:linux_enterprise_desktop:12 + title: SUSE Linux Enterprise Desktop 12 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- suse + - suse full_name: SUSE Linux Enterprise 12 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/sle15.yml b/tests/data/product_stability/sle15.yml index 8a128224e66e..708bc0101146 100644 --- a/tests/data/product_stability/sle15.yml +++ b/tests/data/product_stability/sle15.yml @@ -9,19 +9,19 @@ benchmark_id: SLE-15 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- sle15-server: - check_id: installed_OS_is_sle15 - name: cpe:/o:suse:linux_enterprise_server:15 - title: SUSE Linux Enterprise Server 15 -- sle15-desktop: - check_id: installed_OS_is_sle15 - name: cpe:/o:suse:linux_enterprise_desktop:15 - title: SUSE Linux Enterprise Desktop 15 + - sle15-server: + check_id: installed_OS_is_sle15 + name: cpe:/o:suse:linux_enterprise_server:15 + title: SUSE Linux Enterprise Server 15 + - sle15-desktop: + check_id: installed_OS_is_sle15 + name: cpe:/o:suse:linux_enterprise_desktop:15 + title: SUSE Linux Enterprise Desktop 15 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- suse + - suse full_name: SUSE Linux Enterprise 15 gid_min: 1000 groups: {} @@ -40,6 +40,7 @@ pkg_system: rpm pkg_version: 39db7c82 platform_package_overrides: aarch64_arch: null + crontabs: cronie grub2: grub2 login_defs: shadow no_ovirt: null diff --git a/tests/data/product_stability/ubuntu1604.yml b/tests/data/product_stability/ubuntu1604.yml index 1a2c2d4ef6c2..4ecb65241e98 100644 --- a/tests/data/product_stability/ubuntu1604.yml +++ b/tests/data/product_stability/ubuntu1604.yml @@ -9,16 +9,16 @@ benchmark_id: UBUNTU-XENIAL benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony/chrony.conf cpes: -- ubuntu1604: - check_id: installed_OS_is_ubuntu1604 - name: cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ - title: Ubuntu release 16.04 (Xenial) + - ubuntu1604: + check_id: installed_OS_is_ubuntu1604 + name: cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ + title: Ubuntu release 16.04 (Xenial) cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- debian-like -- ubuntu + - debian-like + - ubuntu full_name: Ubuntu 16.04 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/ubuntu1804.yml b/tests/data/product_stability/ubuntu1804.yml index 74495aac5570..70ba2f4af182 100644 --- a/tests/data/product_stability/ubuntu1804.yml +++ b/tests/data/product_stability/ubuntu1804.yml @@ -9,16 +9,16 @@ benchmark_id: UBUNTU-BIONIC benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony/chrony.conf cpes: -- ubuntu1804: - check_id: installed_OS_is_ubuntu1804 - name: cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~ - title: Ubuntu release 18.04 (Bionic Beaver) + - ubuntu1804: + check_id: installed_OS_is_ubuntu1804 + name: cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~ + title: Ubuntu release 18.04 (Bionic Beaver) cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- debian-like -- ubuntu + - debian-like + - ubuntu full_name: Ubuntu 18.04 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/ubuntu2004.yml b/tests/data/product_stability/ubuntu2004.yml index 4913441133a7..7a2b4f8ef909 100644 --- a/tests/data/product_stability/ubuntu2004.yml +++ b/tests/data/product_stability/ubuntu2004.yml @@ -9,16 +9,16 @@ benchmark_id: UBUNTU_20-04 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony/chrony.conf cpes: -- ubuntu2004: - check_id: installed_OS_is_ubuntu2004 - name: cpe:/o:canonical:ubuntu_linux:20.04::~~lts~~~ - title: Ubuntu release 20.04 (Focal Fossa) + - ubuntu2004: + check_id: installed_OS_is_ubuntu2004 + name: cpe:/o:canonical:ubuntu_linux:20.04::~~lts~~~ + title: Ubuntu release 20.04 (Focal Fossa) cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- debian-like -- ubuntu + - debian-like + - ubuntu full_name: Ubuntu 20.04 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/ubuntu2204.yml b/tests/data/product_stability/ubuntu2204.yml index f4b1544c968e..7b8a868c997b 100644 --- a/tests/data/product_stability/ubuntu2204.yml +++ b/tests/data/product_stability/ubuntu2204.yml @@ -9,16 +9,16 @@ benchmark_id: UBUNTU_22-04 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony/chrony.conf cpes: -- ubuntu2204: - check_id: installed_OS_is_ubuntu2204 - name: cpe:/o:canonical:ubuntu_linux:22.04::~~lts~~~ - title: Ubuntu release 22.04 (Jammy Jellyfish) + - ubuntu2204: + check_id: installed_OS_is_ubuntu2204 + name: cpe:/o:canonical:ubuntu_linux:22.04::~~lts~~~ + title: Ubuntu release 22.04 (Jammy Jellyfish) cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock families: -- debian-like -- ubuntu + - debian-like + - ubuntu full_name: Ubuntu 22.04 gid_min: 1000 groups: {} diff --git a/tests/data/product_stability/uos20.yml b/tests/data/product_stability/uos20.yml index d4d52d67026a..82f8ee59028f 100644 --- a/tests/data/product_stability/uos20.yml +++ b/tests/data/product_stability/uos20.yml @@ -9,10 +9,10 @@ benchmark_id: UOS-20 benchmark_root: ../../linux_os/guide chrony_conf_path: /etc/chrony.conf cpes: -- uos20: - check_id: installed_OS_is_uos20 - name: cpe:/o:uos:uniontech_os_server:20 - title: UnionTech OS Server 20 + - uos20: + check_id: installed_OS_is_uos20 + name: cpe:/o:uos:uniontech_os_server:20 + title: UnionTech OS Server 20 cpes_root: ../../shared/applicability dconf_gdm_dir: gdm.d faillock_path: /var/run/faillock