Skip to content

Commit a6568f4

Browse files
Mab879Mab879
authored
Merge pull request #14371 from jan-cerny/login_banner_rework
Store plain login banner text in XCCDF Value
2 parents d856bd3 + ffe160a commit a6568f4

File tree

102 files changed

+474
-198
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

102 files changed

+474
-198
lines changed

controls/ccn_ol9.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -623,10 +623,15 @@ controls:
623623
- banner_etc_motd
624624
- dconf_gnome_banner_enabled
625625
- dconf_gnome_login_banner_text
626+
- dconf_login_banner_text=cis_default
627+
- dconf_login_banner_contents=cis_default
626628
- sshd_enable_warning_banner_net
627629
- login_banner_text=cis_default
630+
- login_banner_contents=cis_default
628631
- motd_banner_text=cis_default
632+
- motd_banner_contents=cis_default
629633
- remote_login_banner_text=cis_default
634+
- remote_login_banner_contents=cis_default
630635

631636
- id: A.11.SEC-OL5
632637
title: Network Acess to the System is Controlled

controls/cis_al2023.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -468,6 +468,7 @@ controls:
468468
rules:
469469
- banner_etc_motd
470470
- motd_banner_text=cis_banners
471+
- motd_banner_contents=cis_default
471472

472473
- id: 1.7.2
473474
title: Ensure local login warning banner is configured properly (Automated)
@@ -477,6 +478,7 @@ controls:
477478
rules:
478479
- banner_etc_issue
479480
- login_banner_text=cis_banners
481+
- login_banner_contents=cis_default
480482

481483
- id: 1.7.3
482484
title: Ensure remote login warning banner is configured properly (Automated)
@@ -486,6 +488,7 @@ controls:
486488
rules:
487489
- banner_etc_issue_net
488490
- remote_login_banner_text=cis_banners
491+
- remote_login_banner_contents=cis_default
489492

490493
- id: 1.7.4
491494
title: Ensure permissions on /etc/motd are configured (Automated)

controls/cis_almalinux9.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -691,7 +691,8 @@ controls:
691691
rules:
692692
- dconf_gnome_banner_enabled
693693
- dconf_gnome_login_banner_text
694-
- login_banner_text=cis_banners
694+
- dconf_login_banner_text=cis_banners
695+
- dconf_login_banner_contents=cis_default
695696

696697
- id: 1.8.3
697698
title: Ensure GDM disable-user-list option is enabled (Automated)

controls/cis_debian12.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -540,7 +540,8 @@ controls:
540540
- l1_server
541541
- l1_workstation
542542
rules:
543-
- login_banner_text=cis_default
543+
- dconf_login_banner_text=cis_default
544+
- dconf_login_banner_contents=cis_default
544545
- dconf_gnome_banner_enabled
545546
- dconf_gnome_login_banner_text
546547
status: automated

controls/cis_fedora.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -710,7 +710,8 @@ controls:
710710
rules:
711711
- dconf_gnome_banner_enabled
712712
- dconf_gnome_login_banner_text
713-
- login_banner_text=cis_banners
713+
- dconf_login_banner_text=cis_banners
714+
- dconf_login_banner_contents=cis_default
714715

715716
- id: 1.8.2
716717
title: Ensure GDM disable-user-list is configured (Automated)

controls/cis_sle12.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -457,6 +457,7 @@ controls:
457457
rules:
458458
- banner_etc_motd
459459
- motd_banner_text=cis_banners
460+
- motd_banner_contents=cis_default
460461

461462
- id: 1.8.1.2
462463
title: Ensure local login warning banner is configured properly (Automated)
@@ -467,6 +468,7 @@ controls:
467468
rules:
468469
- banner_etc_issue
469470
- login_banner_text=cis_banners
471+
- login_banner_contents=cis_default
470472

471473
- id: 1.8.1.3
472474
title: Ensure remote login warning banner is configured properly (Automated)
@@ -477,6 +479,7 @@ controls:
477479
rules:
478480
- banner_etc_issue_net
479481
- remote_login_banner_text=cis_banners
482+
- remote_login_banner_contents=cis_default
480483

481484
- id: 1.8.1.4
482485
title: Ensure permissions on /etc/motd are configured (Automated)
@@ -535,7 +538,8 @@ controls:
535538
- dconf_gnome_disable_user_list
536539
- dconf_gnome_banner_enabled
537540
- dconf_gnome_login_banner_text
538-
- login_banner_text=cis_default
541+
- dconf_login_banner_text=cis_default
542+
- dconf_login_banner_contents=cis_default
539543

540544
- id: 2.1.1
541545
title: Ensure xinetd is not installed (Automated)

controls/cis_sle15.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -455,6 +455,7 @@ controls:
455455
rules:
456456
- banner_etc_motd
457457
- motd_banner_text=cis_banners
458+
- motd_banner_contents=cis_default
458459

459460
- id: 1.8.1.2
460461
title: Ensure local login warning banner is configured properly (Automated)
@@ -465,6 +466,7 @@ controls:
465466
rules:
466467
- banner_etc_issue
467468
- login_banner_text=cis_banners
469+
- login_banner_contents=cis_default
468470

469471
- id: 1.8.1.3
470472
title: Ensure remote login warning banner is configured properly (Automated)
@@ -475,6 +477,7 @@ controls:
475477
rules:
476478
- banner_etc_issue_net
477479
- remote_login_banner_text=cis_banners
480+
- remote_login_banner_contents=cis_default
478481

479482
- id: 1.8.1.4
480483
title: Ensure permissions on /etc/motd are configured (Automated)
@@ -532,7 +535,8 @@ controls:
532535
- enable_dconf_user_profile
533536
- dconf_gnome_banner_enabled
534537
- dconf_gnome_login_banner_text
535-
- login_banner_text=cis_default
538+
- dconf_login_banner_text=cis_default
539+
- dconf_login_banner_contents=cis_default
536540

537541
- id: 2.1.1
538542
title: Ensure xinetd is not installed (Automated)

controls/cis_ubuntu2204.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -528,7 +528,8 @@ controls:
528528
- l1_server
529529
- l1_workstation
530530
rules:
531-
- login_banner_text=cis_default
531+
- dconf_login_banner_text=cis_default
532+
- dconf_login_banner_contents=cis_default
532533
- dconf_gnome_banner_enabled
533534
- dconf_gnome_login_banner_text
534535
status: automated

controls/cis_ubuntu2404.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -561,7 +561,8 @@ controls:
561561
- l1_server
562562
- l1_workstation
563563
rules:
564-
- login_banner_text=cis_default
564+
- dconf_login_banner_text=cis_default
565+
- dconf_login_banner_contents=cis_default
565566
- dconf_gnome_banner_enabled
566567
- dconf_gnome_login_banner_text
567568
status: automated

controls/general_sle15.yml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -470,6 +470,7 @@ controls:
470470
rules:
471471
- banner_etc_motd
472472
- motd_banner_text=cis_banners
473+
- motd_banner_contents=cis_default
473474

474475
- id: SLES-15-151050030
475476
title: Modify the System Login Banner
@@ -479,6 +480,7 @@ controls:
479480
rules:
480481
- banner_etc_issue
481482
- login_banner_text=cis_banners
483+
- login_banner_contents=cis_default
482484

483485
- id: SLES-15-151050045
484486
title: Modify the System Login Banner for Remote Connections
@@ -488,6 +490,7 @@ controls:
488490
rules:
489491
- banner_etc_issue_net
490492
- remote_login_banner_text=cis_banners
493+
- remote_login_banner_contents=cis_default
491494

492495
- id: SLES-15-151050060
493496
title: Configure access to the Message of the Day Banner
@@ -535,7 +538,8 @@ controls:
535538
rules:
536539
- dconf_gnome_banner_enabled
537540
- dconf_gnome_login_banner_text
538-
- login_banner_text=cis_default
541+
- dconf_login_banner_text=cis_default
542+
- dconf_login_banner_contents=cis_default
539543

540544
- id: SLES-15-151200135
541545
title: Disable the GDM Login User List

0 commit comments

Comments
 (0)