Navigation

← Previous Changeset
Next Changeset →

Changeset 198

Timestamp:

06/11/08 13:35:44 (4 months ago)

Author:

slawrence

Message:

- Remove 'quiet' option from pam_tally. It isn't a valid option.
- Stop 'mesg n' from being written to /etc/environment.
- Stop clip rpm from overwriting the changes the kickstart/stigs make to audit.rules.

Files:

trunk/RHEL5.2/RPM/clip.spec (modified) (1 diff)
trunk/RHEL5.2/conf/audit/Makefile (modified) (1 diff)
trunk/RHEL5.2/kickstart/clip.ks (modified) (2 diffs)
trunk/RHEL5.2/scripts/installer.in (modified) (1 diff)
trunk/RHEL5.2/scripts/stig-fix/cat2/gen000460.sh (modified) (1 diff)
trunk/RHEL5.2/scripts/stig-fix/cat3/gen001780.sh (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/RHEL5.2/RPM/clip.spec

r133	r198
37	37	%defattr(-,root,root,-)
38	38	/usr/share/clip/conf/audit/auditd.conf
39		/usr/share/clip/conf/audit/audit.rules
	39	#/usr/share/clip/conf/audit/audit.rules
40	40	/usr/share/clip/conf/pam/login.pam
41	41	/usr/share/clip/conf/pam/newrole.pam

trunk/RHEL5.2/conf/audit/Makefile

r1	r198
1	1	install:
2	2	test -d $(DESTDIR)$(CONFDIR)/audit \| install -d -m 755 $(DESTDIR)$(CONFDIR)/audit
3		install -m 644 .conf .rules $(DESTDIR)$(CONFDIR)/audit
	3	# install -m 644 .conf .rules $(DESTDIR)$(CONFDIR)/audit
	4	install -m 644 *.conf $(DESTDIR)$(CONFDIR)/audit

trunk/RHEL5.2/kickstart/clip.ks

r197	r198
362	362	# User changes will be destroyed the next time authconfig is run.
363	363	#5 login attempts within 30 seconds. Locked out for 60 seconds if fail
364		auth required pam_tally.so deny=3 onerr=fail unlock_time=900 ~~quiet~~
	364	auth required pam_tally.so deny=3 onerr=fail unlock_time=900
365	365	auth required pam_env.so
366	366	auth sufficient pam_unix.so nullok try_first_pass audit
…	…
525	525	## (GEN001780: CAT III) (Previously â G112) The SA will ensure global
526	526	## initialization files contain the command mesg ân.
527		for FILE in /etc/{profile,bashrc~~,environment~~}; do
	527	for FILE in /etc/{profile,bashrc}; do
528	528	echo "mesg n" >> $FILE
529	529	done;

trunk/RHEL5.2/scripts/installer.in

r193	r198
39	39	InstallAudit() {
40	40	Copy $AUDITDIR/auditd.conf /etc/audit/auditd.conf
41		Copy $AUDITDIR/audit.rules /etc/audit/audit.rules
	41	# Copy $AUDITDIR/audit.rules /etc/audit/audit.rules
42	42	auditctl -R /etc/audit/audit.rules
43	43	}

trunk/RHEL5.2/scripts/stig-fix/cat2/gen000460.sh

r196	r198
13	13	# User changes will be destroyed the next time authconfig is run.
14	14	#5 login attempts within 30 seconds. Locked out for 60 seconds if fail
15		auth required pam_tally.so deny=3 onerr=fail unlock_time=900 ~~quiet~~
	15	auth required pam_tally.so deny=3 onerr=fail unlock_time=900
16	16	auth required pam_env.so
17	17	auth sufficient pam_unix.so nullok try_first_pass audit

trunk/RHEL5.2/scripts/stig-fix/cat3/gen001780.sh

r144	r198
7	7	echo ' initialization files'
8	8	echo '==================================================='
9		for FILE in /etc/{profile,bashrc~~,environment~~}; do
	9	for FILE in /etc/{profile,bashrc}; do
10	10	echo "mesg n" >> $FILE
11	11	done;

Download in other formats:

Unified Diff
Zip Disabled

* Generating other formats may take time.