|
|
|
@479
|
[479]
|
04/13/10 14:50:46 |
esealing |
Updated all exec statements in puppet content
Many of the exec statements … |
|
|
|
@475
|
[475]
|
11/03/09 14:00:00 |
esealing |
Removed resolve-deps and mouse again. |
|
|
|
@474
|
[474]
|
11/03/09 13:55:27 |
esealing |
Checked in revision to kickstart. This includes the new clip repository … |
|
|
|
@472
|
[472]
|
10/27/09 13:17:06 |
esealing |
Created 3 templates (sa1, sa2, sysstat) to correct GEN001260 permissions … |
|
|
|
@471
|
[471]
|
10/27/09 13:11:54 |
bwhalen |
Update default contexts to use the proper roles that are in associated … |
|
|
|
@470
|
[470]
|
10/23/09 13:37:59 |
esealing |
Removed user: puppet. Changed all files that were owned by puppet to … |
|
|
|
@469
|
[469]
|
10/22/09 13:30:35 |
esealing |
Added require statement to require the root user before trying to change … |
|
|
|
@468
|
[468]
|
10/22/09 13:29:29 |
esealing |
Addedd a require statement to require clipuser before trying to change all … |
|
|
|
@467
|
[467]
|
10/22/09 13:28:13 |
esealing |
Used exec tp turn off xinetd. (chkconfig).
Removed puppet xinetd service … |
|
|
|
@466
|
[466]
|
10/22/09 13:17:38 |
esealing |
Used exec statement to change folder permission for cron folders. Removed … |
|
|
|
@465
|
[465]
|
10/22/09 11:03:25 |
esealing |
GEN000920 had init.pp files, but was not added to the site.pp. This was … |
|
|
|
@464
|
[464]
|
10/21/09 15:52:49 |
esealing |
Added Newline character to hosts.deny file to satisfy what the STIGs are … |
|
|
|
@463
|
[463]
|
10/21/09 10:21:03 |
esealing |
Corrected mistyped syscall (setdomainname). |
|
|
|
@462
|
[462]
|
10/20/09 15:38:11 |
esealing |
Added a require statement due a conflict with AC-3 that would just change … |
|
|
|
@461
|
[461]
|
10/20/09 14:17:53 |
esealing |
The puppet site file was not including the SRR fix manifest for GEN3180. … |
|
|
|
@460
|
[460]
|
10/20/09 14:07:20 |
esealing |
Changed "ALL: ALL" to "ALL:ALL" for bug 4956 (GEN006620 failure) |
|
|
|
@459
|
[459]
|
10/15/09 16:13:22 |
esealing |
Added a requirement to the "user" to require the class ia-7::main be … |
|
|
|
@458
|
[458]
|
10/15/09 13:32:34 |
bwhalen |
Fix path the CLIP build/Makefile that prevented clip and puppet rpms from … |
|
|
|
@457
|
[457]
|
10/09/09 14:54:23 |
esealing |
Implemented the new architecture checks for system call auditing.
Object … |
|
|
|
@456
|
[456]
|
10/09/09 10:07:16 |
esealing |
Reimplemented the architecture flag '-F arch=b32' and '-F arch=b64' in the … |
|
|
|
@455
|
[455]
|
10/05/09 12:40:56 |
bwhalen |
Allow root to get to secadm by newroling |
|
|
|
@454
|
[454]
|
10/02/09 15:14:17 |
bwhalen |
Add revisor to trunk to allow CLIP to build custom DVDs for installation. |
|
|
|
@453
|
[453]
|
10/01/09 15:33:23 |
esealing |
1) Updated clip.spec to remove the audit configuration. This will prevent … |
|
|
|
@452
|
[452]
|
09/25/09 13:59:20 |
esealing |
The clip-rpm was overwriting the audit.rules file that puppet was … |
|
|
|
@451
|
[451]
|
09/25/09 11:47:20 |
esealing |
Missed the last line in the file. Still had the bad variable call |
|
|
|
@450
|
[450]
|
09/25/09 11:39:54 |
esealing |
Reconfigured AU-2 template directory to conventions listed on puppet … |
|
|
|
@449
|
[449]
|
09/25/09 11:38:41 |
esealing |
Need to checkin before moving to different directory |
|
|
|
@448
|
[448]
|
09/25/09 11:36:02 |
esealing |
reconfigured puppet AU-2. Architecture Variable was put into the … |
|
|
|
@447
|
[447]
|
09/24/09 12:18:24 |
esealing |
Updated the audit.rules file to include architecture flag (-F arch=b32) … |
|
|
|
@446
|
[446]
|
09/24/09 09:02:03 |
esealing |
Modified the kickstart to take out the deprecated options: mouse, … |
|
|
|
@445
|
[445]
|
09/24/09 08:51:59 |
esealing |
Creating a new folder for RHEL5.4 |
|
|
|
@444
|
[444]
|
09/08/09 14:07:53 |
bwhalen |
Fix sed issues with SC-5 replacing lines in sysctl.conf. While the … |
|
|
|
@442
|
[442]
|
09/02/09 18:36:03 |
bwhalen |
For now set def:2041 to unknown until we can duplicate the grep -v … |
|
|
|
@441
|
[441]
|
09/02/09 17:39:56 |
bwhalen |
Let system admins read from cdrom devices that were mounted manually. |
|
|
|
@440
|
[440]
|
09/02/09 15:14:59 |
bwhalen |
Move the information in the README to the INSTALL file. Make the README … |
|
|
|
@439
|
[439]
|
09/02/09 13:50:46 |
bwhalen |
Update for bug #2043, now find any login < 500 that has a shell listed in … |
|
|
|
@438
|
[438]
|
09/02/09 13:23:29 |
esealing |
Fixed def:2066- negateda test the looks for size equal to 0. If file … |
|
|
|
@437
|
[437]
|
09/02/09 12:41:16 |
esealing |
Fixed def:2017-Manpages check |
|
|
|
@436
|
[436]
|
09/01/09 14:09:28 |
esealing |
Release version wrong in puppet.spec file. Updated to Release 2, so rpm is … |
|
|
|
@435
|
[435]
|
09/01/09 13:21:45 |
esealing |
Had previously commented out def:2017 for quicker testing. Uncommented for … |
|
|
|
@434
|
[434]
|
09/01/09 12:57:53 |
esealing |
Modified multiple bugs. See Fogbugz for specifics |
|
|
|
@433
|
[433]
|
09/01/09 12:51:53 |
bwhalen |
Instead of linking the files to /dev/null, ensure that the files do not … |
|
|
|
@432
|
[432]
|
08/31/09 16:10:16 |
esealing |
Updated obj:2123 to only look for *.info, instead of every line in the … |
|
|
|
@431
|
[431]
|
08/31/09 14:52:25 |
esealing |
updated def:1001 to not include the kernel-devel test (tst:1023) |
|
|
|
@430
|
[430]
|
08/31/09 14:30:32 |
esealing |
updated obj:2207 & 2208 to read from /proc/sys/net... instead of the … |
|
|
|
@429
|
[429]
|
08/31/09 13:38:44 |
esealing |
updated obj:2096 to pattern match on dirctory, then recursively get all … |
|
|
|
@428
|
[428]
|
08/31/09 13:14:31 |
bwhalen |
Actually recurse the /etc/.* directories and use the test to find out if … |
|
|
|
@427
|
[427]
|
08/31/09 13:06:25 |
bwhalen |
If there are snmpd.conf files, ensure that they have root:sys as the … |
|
|
|
@426
|
[426]
|
08/31/09 12:54:32 |
bwhalen |
Correct incorrect GEN 2640->2560 reference
Put the recursive checks into … |
|
|
|
@425
|
[425]
|
08/31/09 12:30:50 |
mkeeler |
updated file finder to look for files that are not only regular files, but … |
|
|
|
@424
|
[424]
|
08/31/09 10:45:50 |
esealing |
Updated def:2056 to look in the correct directories, recursivley |
|
|
|
@423
|
[423]
|
08/30/09 21:22:07 |
bwhalen |
Fix bug #4462 regular expression check on /etc/pam.d/sshd |
|
|
|
@422
|
[422]
|
08/30/09 21:15:29 |
bwhalen |
Fix loads bugs found during regression testing of scap content. … |
|
|
|
@421
|
[421]
|
08/28/09 17:48:55 |
esealing |
Updated ste:2153 to look for group ID 0 instead of string:root |
|
|
|
@420
|
[420]
|
08/28/09 15:58:34 |
esealing |
Updated obj:2225 to only look in the /home/ directory. Took WAY to long … |
|
|
|
@419
|
[419]
|
08/28/09 15:28:16 |
esealing |
Updated ste:2107 to reflect root's group as 0, instead of the string root |
|
|
|
@418
|
[418]
|
08/28/09 15:23:52 |
mkeeler |
Patch to fix multiple items for the same path turning up. (one with / on … |
|
|
|
@417
|
[417]
|
08/28/09 14:27:52 |
mkeeler |
created patch to fix pattern matching problems with the path names |
|
|
|
@416
|
[416]
|
08/28/09 14:04:21 |
mkeeler |
previous version broken file objects when they didnt have the behaviors … |
|
|
|
@415
|
[415]
|
08/28/09 13:51:17 |
mkeeler |
recursion implemented for the xml cases listed in FogBugz? |
|
|
|
@414
|
[414]
|
08/28/09 13:24:07 |
mkeeler |
More revisions in FileFinder? fix the recursion problems for bug 4378 |
|
|
|
@413
|
[413]
|
08/28/09 12:28:21 |
bwhalen |
Fix for bug #4381. Currently we are just checking our way of configuring … |
|
|
|
@412
|
[412]
|
08/28/09 11:55:41 |
bwhalen |
Update the main README to explain how to build ovaldi. Update the INSTALL … |
|
|
|
@411
|
[411]
|
08/28/09 11:39:01 |
bwhalen |
Move the ovaldi patches into trunk until we push them upstream. |
|
|
|
@410
|
[410]
|
08/28/09 11:17:14 |
bwhalen |
This bug is fixed for now. We really should be recursing any possible … |
|
|
|
@409
|
[409]
|
08/28/09 09:28:22 |
bwhalen |
Make GEN001460 an unknown test because we cannot mix password object data … |
|
|
|
@407
|
[407]
|
08/27/09 14:58:15 |
bwhalen |
Check if fingerd is on. Tests to check for xinetd launching fingerd and … |
|
|
|
@406
|
[406]
|
08/27/09 14:47:24 |
mkeeler |
finish the merge by altering tst numbers, so xml will validate |
|
|
|
@405
|
[405]
|
08/27/09 14:42:28 |
mkeeler |
merge our xml |
|
|
|
@404
|
[404]
|
08/27/09 14:01:45 |
bwhalen |
further fixes for bug #4378, put in the checks to see if xinetd is running |
|
|
|
@403
|
[403]
|
08/27/09 13:24:28 |
bwhalen |
ovaldi did not have proper interfaces, should be run by the security … |
|
|
|
@402
|
[402]
|
08/27/09 12:44:41 |
bwhalen |
Fix for bug #4386. Found issue in pattern matching on filenames in ovaldi … |
|
|
|
@401
|
[401]
|
08/26/09 15:52:24 |
bwhalen |
Oval test 001080 bug #4382 |
|
|
|
@400
|
[400]
|
08/26/09 13:58:27 |
bwhalen |
Add in the ovaldi package to our yum installation |
|
|
|
@399
|
[399]
|
08/26/09 13:07:06 |
bwhalen |
zerombr no longer takes an argument
clean up some leftover comments that … |
|
|
|
@398
|
[398]
|
08/26/09 10:01:53 |
bwhalen |
Update version number to 3.1.2 |
|
|
|
@397
|
[397]
|
08/26/09 09:58:03 |
bwhalen |
Have the kickstart now install the clip rpm |
|
|
|
@396
|
[396]
|
08/26/09 09:53:22 |
bwhalen |
Why were we ever installing avahi.… |
|
|
|
@395
|
[395]
|
08/26/09 09:51:50 |
bwhalen |
Update the version number to 3.1.2 |
|
|
|
@394
|
[394]
|
08/26/09 09:50:44 |
bwhalen |
Fix the spec file so that we no longer have errors installing. Basically … |
|
|
|
@393
|
[393]
|
08/26/09 09:49:16 |
mkeeler |
BUG 4406 resolved and parts of 4377 had to be fixed in the process |
|
|
|
@391
|
[391]
|
08/25/09 14:26:52 |
bwhalen |
Updates the the clip rpm.
Add in the clip oval xml data
Update so that … |
|
|
|
@390
|
[390]
|
08/25/09 13:51:07 |
bwhalen |
Move the verification work into trunk for final updates before release |
|
|
|
@386
|
[386]
|
08/14/09 14:41:08 |
bwhalen |
Fix typo in makefile, Tresys is an LLC not and LLS bug #38 |
|
|
|
@385
|
[385]
|
08/10/09 20:59:28 |
bwhalen |
Update the minor release number for the network start bug fix |
|
|
|
@384
|
[384]
|
08/10/09 15:13:20 |
bwhalen |
Always allow initrc to read the network_conf_t files
Allow dhcpc to read … |
|
|
|
@383
|
[383]
|
08/10/09 10:36:27 |
bwhalen |
Copy/Paste error, we depend on network_conf_t not net_conf_t in the … |
|
|
|
@380
|
[380]
|
07/17/09 14:54:48 |
bwhalen |
Fix typo on inittab
Ticket #46 |
|
|
|
@354
|
[354]
|
06/11/09 13:33:54 |
bwhalen |
Fix incorrect update. Meant to keep apm in base not remove. |
|
|
|
@353
|
[353]
|
06/11/09 13:30:22 |
bwhalen |
Put apm back in base, policy doesn't like when its not there
Update the … |
|
|
|
@349
|
[349]
|
06/10/09 14:40:46 |
cpebenito |
fix GEN002120-002220 to fit back into the STIG-puppet naming convention. |
|
|
|
@348
|
[348]
|
06/10/09 14:30:49 |
cpebenito |
actually instantiate the classes inside the STIG modules. |
|
|
|
@347
|
[347]
|
06/10/09 14:26:23 |
cpebenito |
set a default path for exec resources. |
|
|
|
@346
|
[346]
|
06/10/09 14:25:52 |
cpebenito |
fix typo in GEN003520. |
|
|
|
@345
|
[345]
|
06/10/09 14:12:33 |
cpebenito |
fix recursive -> recurse in file resources. |
|
|
|
@344
|
[344]
|
06/10/09 14:00:20 |
cpebenito |
fix GEN003340 class name. |
|
|
|
@343
|
[343]
|
06/10/09 13:56:44 |
cpebenito |
move GEN003060 into AC-3 to prevent a duplicate resource error. |
|
|
|
@342
|
[342]
|
06/10/09 11:27:51 |
cpebenito |
move dcid 6/3 annotations from the kickstart into the puppet site.pp. |
|
|
|
@341
|
[341]
|
06/10/09 11:21:17 |
cpebenito |
fix syntax error GEN001820 |
|
|
|
@340
|
[340]
|
06/10/09 11:17:52 |
cpebenito |
implement GEN001460, GEN004580, GEN001560 in puppet |
