|
3 | 3 | "uuid": "673e9d3e-1259-437f-9893-b77522335217", |
4 | 4 | "metadata": { |
5 | 5 | "title": "Component definition for rhel10", |
6 | | - "last-modified": "2026-04-20T15:10:07.178558+00:00", |
7 | | - "version": "1.6", |
| 6 | + "last-modified": "2026-04-20T15:10:31.055024+00:00", |
| 7 | + "version": "1.7", |
8 | 8 | "oscal-version": "1.1.3" |
9 | 9 | }, |
10 | 10 | "components": [ |
@@ -8870,290 +8870,314 @@ |
8870 | 8870 | { |
8871 | 8871 | "name": "Rule_Id", |
8872 | 8872 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8873 | | - "value": "configure_firewalld_ports", |
| 8873 | + "value": "package_rsyslog-gnutls_installed", |
8874 | 8874 | "remarks": "rule_set_160" |
8875 | 8875 | }, |
8876 | 8876 | { |
8877 | 8877 | "name": "Rule_Description", |
8878 | 8878 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8879 | | - "value": "Configure the Firewalld Ports", |
| 8879 | + "value": "Ensure rsyslog-gnutls is installed", |
8880 | 8880 | "remarks": "rule_set_160" |
8881 | 8881 | }, |
8882 | 8882 | { |
8883 | 8883 | "name": "Check_Id", |
8884 | 8884 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8885 | | - "value": "configure_firewalld_ports", |
| 8885 | + "value": "package_rsyslog-gnutls_installed", |
8886 | 8886 | "remarks": "rule_set_160" |
8887 | 8887 | }, |
8888 | 8888 | { |
8889 | 8889 | "name": "Check_Description", |
8890 | 8890 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8891 | | - "value": "Configure the Firewalld Ports", |
| 8891 | + "value": "Ensure rsyslog-gnutls is installed", |
8892 | 8892 | "remarks": "rule_set_160" |
8893 | 8893 | }, |
8894 | 8894 | { |
8895 | 8895 | "name": "Rule_Id", |
8896 | 8896 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8897 | | - "value": "set_firewalld_default_zone", |
| 8897 | + "value": "configure_firewalld_ports", |
8898 | 8898 | "remarks": "rule_set_161" |
8899 | 8899 | }, |
8900 | 8900 | { |
8901 | 8901 | "name": "Rule_Description", |
8902 | 8902 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8903 | | - "value": "Set Default firewalld Zone for Incoming Packets", |
| 8903 | + "value": "Configure the Firewalld Ports", |
8904 | 8904 | "remarks": "rule_set_161" |
8905 | 8905 | }, |
8906 | 8906 | { |
8907 | 8907 | "name": "Check_Id", |
8908 | 8908 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8909 | | - "value": "set_firewalld_default_zone", |
| 8909 | + "value": "configure_firewalld_ports", |
8910 | 8910 | "remarks": "rule_set_161" |
8911 | 8911 | }, |
8912 | 8912 | { |
8913 | 8913 | "name": "Check_Description", |
8914 | 8914 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8915 | | - "value": "Set Default firewalld Zone for Incoming Packets", |
| 8915 | + "value": "Configure the Firewalld Ports", |
8916 | 8916 | "remarks": "rule_set_161" |
8917 | 8917 | }, |
8918 | 8918 | { |
8919 | 8919 | "name": "Rule_Id", |
8920 | 8920 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8921 | | - "value": "package_usbguard_installed", |
| 8921 | + "value": "set_firewalld_default_zone", |
8922 | 8922 | "remarks": "rule_set_162" |
8923 | 8923 | }, |
8924 | 8924 | { |
8925 | 8925 | "name": "Rule_Description", |
8926 | 8926 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8927 | | - "value": "Install usbguard Package", |
| 8927 | + "value": "Set Default firewalld Zone for Incoming Packets", |
8928 | 8928 | "remarks": "rule_set_162" |
8929 | 8929 | }, |
8930 | 8930 | { |
8931 | 8931 | "name": "Check_Id", |
8932 | 8932 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8933 | | - "value": "package_usbguard_installed", |
| 8933 | + "value": "set_firewalld_default_zone", |
8934 | 8934 | "remarks": "rule_set_162" |
8935 | 8935 | }, |
8936 | 8936 | { |
8937 | 8937 | "name": "Check_Description", |
8938 | 8938 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8939 | | - "value": "Install usbguard Package", |
| 8939 | + "value": "Set Default firewalld Zone for Incoming Packets", |
8940 | 8940 | "remarks": "rule_set_162" |
8941 | 8941 | }, |
8942 | 8942 | { |
8943 | 8943 | "name": "Rule_Id", |
8944 | 8944 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8945 | | - "value": "service_usbguard_enabled", |
| 8945 | + "value": "package_usbguard_installed", |
8946 | 8946 | "remarks": "rule_set_163" |
8947 | 8947 | }, |
8948 | 8948 | { |
8949 | 8949 | "name": "Rule_Description", |
8950 | 8950 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8951 | | - "value": "Enable the USBGuard Service", |
| 8951 | + "value": "Install usbguard Package", |
8952 | 8952 | "remarks": "rule_set_163" |
8953 | 8953 | }, |
8954 | 8954 | { |
8955 | 8955 | "name": "Check_Id", |
8956 | 8956 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8957 | | - "value": "service_usbguard_enabled", |
| 8957 | + "value": "package_usbguard_installed", |
8958 | 8958 | "remarks": "rule_set_163" |
8959 | 8959 | }, |
8960 | 8960 | { |
8961 | 8961 | "name": "Check_Description", |
8962 | 8962 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8963 | | - "value": "Enable the USBGuard Service", |
| 8963 | + "value": "Install usbguard Package", |
8964 | 8964 | "remarks": "rule_set_163" |
8965 | 8965 | }, |
8966 | 8966 | { |
8967 | 8967 | "name": "Rule_Id", |
8968 | 8968 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8969 | | - "value": "system_booted_in_fips_mode", |
| 8969 | + "value": "service_usbguard_enabled", |
8970 | 8970 | "remarks": "rule_set_164" |
8971 | 8971 | }, |
8972 | 8972 | { |
8973 | 8973 | "name": "Rule_Description", |
8974 | 8974 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8975 | | - "value": "Verify that the system was booted with fips=1", |
| 8975 | + "value": "Enable the USBGuard Service", |
8976 | 8976 | "remarks": "rule_set_164" |
8977 | 8977 | }, |
8978 | 8978 | { |
8979 | 8979 | "name": "Check_Id", |
8980 | 8980 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8981 | | - "value": "system_booted_in_fips_mode", |
| 8981 | + "value": "service_usbguard_enabled", |
8982 | 8982 | "remarks": "rule_set_164" |
8983 | 8983 | }, |
8984 | 8984 | { |
8985 | 8985 | "name": "Check_Description", |
8986 | 8986 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8987 | | - "value": "Verify that the system was booted with fips=1", |
| 8987 | + "value": "Enable the USBGuard Service", |
8988 | 8988 | "remarks": "rule_set_164" |
8989 | 8989 | }, |
8990 | 8990 | { |
8991 | 8991 | "name": "Rule_Id", |
8992 | 8992 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8993 | | - "value": "enable_fips_mode", |
| 8993 | + "value": "system_booted_in_fips_mode", |
8994 | 8994 | "remarks": "rule_set_165" |
8995 | 8995 | }, |
8996 | 8996 | { |
8997 | 8997 | "name": "Rule_Description", |
8998 | 8998 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
8999 | | - "value": "Enable FIPS Mode", |
| 8999 | + "value": "Verify that the system was booted with fips=1", |
9000 | 9000 | "remarks": "rule_set_165" |
9001 | 9001 | }, |
9002 | 9002 | { |
9003 | 9003 | "name": "Check_Id", |
9004 | 9004 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9005 | | - "value": "enable_fips_mode", |
| 9005 | + "value": "system_booted_in_fips_mode", |
9006 | 9006 | "remarks": "rule_set_165" |
9007 | 9007 | }, |
9008 | 9008 | { |
9009 | 9009 | "name": "Check_Description", |
9010 | 9010 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9011 | | - "value": "Enable FIPS Mode", |
| 9011 | + "value": "Verify that the system was booted with fips=1", |
9012 | 9012 | "remarks": "rule_set_165" |
9013 | 9013 | }, |
9014 | 9014 | { |
9015 | 9015 | "name": "Rule_Id", |
9016 | 9016 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9017 | | - "value": "file_permissions_sshd_private_key", |
| 9017 | + "value": "enable_fips_mode", |
9018 | 9018 | "remarks": "rule_set_166" |
9019 | 9019 | }, |
9020 | 9020 | { |
9021 | 9021 | "name": "Rule_Description", |
9022 | 9022 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9023 | | - "value": "Verify Permissions on SSH Server Private *_key Key Files", |
| 9023 | + "value": "Enable FIPS Mode", |
9024 | 9024 | "remarks": "rule_set_166" |
9025 | 9025 | }, |
9026 | 9026 | { |
9027 | 9027 | "name": "Check_Id", |
9028 | 9028 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9029 | | - "value": "file_permissions_sshd_private_key", |
| 9029 | + "value": "enable_fips_mode", |
9030 | 9030 | "remarks": "rule_set_166" |
9031 | 9031 | }, |
9032 | 9032 | { |
9033 | 9033 | "name": "Check_Description", |
9034 | 9034 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9035 | | - "value": "Verify Permissions on SSH Server Private *_key Key Files", |
| 9035 | + "value": "Enable FIPS Mode", |
9036 | 9036 | "remarks": "rule_set_166" |
9037 | 9037 | }, |
9038 | 9038 | { |
9039 | 9039 | "name": "Rule_Id", |
9040 | 9040 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9041 | | - "value": "dnf-automatic_apply_updates", |
| 9041 | + "value": "file_permissions_sshd_private_key", |
9042 | 9042 | "remarks": "rule_set_167" |
9043 | 9043 | }, |
9044 | 9044 | { |
9045 | 9045 | "name": "Rule_Description", |
9046 | 9046 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9047 | | - "value": "Configure dnf-automatic to Install Available Updates Automatically", |
| 9047 | + "value": "Verify Permissions on SSH Server Private *_key Key Files", |
9048 | 9048 | "remarks": "rule_set_167" |
9049 | 9049 | }, |
9050 | 9050 | { |
9051 | 9051 | "name": "Check_Id", |
9052 | 9052 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9053 | | - "value": "dnf-automatic_apply_updates", |
| 9053 | + "value": "file_permissions_sshd_private_key", |
9054 | 9054 | "remarks": "rule_set_167" |
9055 | 9055 | }, |
9056 | 9056 | { |
9057 | 9057 | "name": "Check_Description", |
9058 | 9058 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9059 | | - "value": "Configure dnf-automatic to Install Available Updates Automatically", |
| 9059 | + "value": "Verify Permissions on SSH Server Private *_key Key Files", |
9060 | 9060 | "remarks": "rule_set_167" |
9061 | 9061 | }, |
9062 | 9062 | { |
9063 | 9063 | "name": "Rule_Id", |
9064 | 9064 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9065 | | - "value": "package_libdnf-plugin-subscription-manager_installed", |
| 9065 | + "value": "dnf-automatic_apply_updates", |
9066 | 9066 | "remarks": "rule_set_168" |
9067 | 9067 | }, |
9068 | 9068 | { |
9069 | 9069 | "name": "Rule_Description", |
9070 | 9070 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9071 | | - "value": "Install libdnf-plugin-subscription-manager Package", |
| 9071 | + "value": "Configure dnf-automatic to Install Available Updates Automatically", |
9072 | 9072 | "remarks": "rule_set_168" |
9073 | 9073 | }, |
9074 | 9074 | { |
9075 | 9075 | "name": "Check_Id", |
9076 | 9076 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9077 | | - "value": "package_libdnf-plugin-subscription-manager_installed", |
| 9077 | + "value": "dnf-automatic_apply_updates", |
9078 | 9078 | "remarks": "rule_set_168" |
9079 | 9079 | }, |
9080 | 9080 | { |
9081 | 9081 | "name": "Check_Description", |
9082 | 9082 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9083 | | - "value": "Install libdnf-plugin-subscription-manager Package", |
| 9083 | + "value": "Configure dnf-automatic to Install Available Updates Automatically", |
9084 | 9084 | "remarks": "rule_set_168" |
9085 | 9085 | }, |
9086 | 9086 | { |
9087 | 9087 | "name": "Rule_Id", |
9088 | 9088 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9089 | | - "value": "package_subscription-manager_installed", |
| 9089 | + "value": "package_libdnf-plugin-subscription-manager_installed", |
9090 | 9090 | "remarks": "rule_set_169" |
9091 | 9091 | }, |
9092 | 9092 | { |
9093 | 9093 | "name": "Rule_Description", |
9094 | 9094 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9095 | | - "value": "Install subscription-manager Package", |
| 9095 | + "value": "Install libdnf-plugin-subscription-manager Package", |
9096 | 9096 | "remarks": "rule_set_169" |
9097 | 9097 | }, |
9098 | 9098 | { |
9099 | 9099 | "name": "Check_Id", |
9100 | 9100 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9101 | | - "value": "package_subscription-manager_installed", |
| 9101 | + "value": "package_libdnf-plugin-subscription-manager_installed", |
9102 | 9102 | "remarks": "rule_set_169" |
9103 | 9103 | }, |
9104 | 9104 | { |
9105 | 9105 | "name": "Check_Description", |
9106 | 9106 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9107 | | - "value": "Install subscription-manager Package", |
| 9107 | + "value": "Install libdnf-plugin-subscription-manager Package", |
9108 | 9108 | "remarks": "rule_set_169" |
9109 | 9109 | }, |
9110 | 9110 | { |
9111 | 9111 | "name": "Rule_Id", |
9112 | 9112 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9113 | | - "value": "no_shelllogin_for_systemaccounts", |
| 9113 | + "value": "package_subscription-manager_installed", |
9114 | 9114 | "remarks": "rule_set_170" |
9115 | 9115 | }, |
9116 | 9116 | { |
9117 | 9117 | "name": "Rule_Description", |
9118 | 9118 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9119 | | - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", |
| 9119 | + "value": "Install subscription-manager Package", |
9120 | 9120 | "remarks": "rule_set_170" |
9121 | 9121 | }, |
9122 | 9122 | { |
9123 | 9123 | "name": "Check_Id", |
9124 | 9124 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9125 | | - "value": "no_shelllogin_for_systemaccounts", |
| 9125 | + "value": "package_subscription-manager_installed", |
9126 | 9126 | "remarks": "rule_set_170" |
9127 | 9127 | }, |
9128 | 9128 | { |
9129 | 9129 | "name": "Check_Description", |
9130 | 9130 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9131 | | - "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", |
| 9131 | + "value": "Install subscription-manager Package", |
9132 | 9132 | "remarks": "rule_set_170" |
9133 | 9133 | }, |
9134 | 9134 | { |
9135 | 9135 | "name": "Rule_Id", |
9136 | 9136 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9137 | | - "value": "secure_boot_enabled", |
| 9137 | + "value": "no_shelllogin_for_systemaccounts", |
9138 | 9138 | "remarks": "rule_set_171" |
9139 | 9139 | }, |
9140 | 9140 | { |
9141 | 9141 | "name": "Rule_Description", |
9142 | 9142 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9143 | | - "value": "Ensure that Secure Boot is enabled", |
| 9143 | + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", |
9144 | 9144 | "remarks": "rule_set_171" |
9145 | 9145 | }, |
9146 | 9146 | { |
9147 | 9147 | "name": "Check_Id", |
9148 | 9148 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9149 | | - "value": "secure_boot_enabled", |
| 9149 | + "value": "no_shelllogin_for_systemaccounts", |
9150 | 9150 | "remarks": "rule_set_171" |
9151 | 9151 | }, |
9152 | 9152 | { |
9153 | 9153 | "name": "Check_Description", |
9154 | 9154 | "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
9155 | | - "value": "Ensure that Secure Boot is enabled", |
| 9155 | + "value": "Ensure that System Accounts Do Not Run a Shell Upon Login", |
9156 | 9156 | "remarks": "rule_set_171" |
| 9157 | + }, |
| 9158 | + { |
| 9159 | + "name": "Rule_Id", |
| 9160 | + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
| 9161 | + "value": "secure_boot_enabled", |
| 9162 | + "remarks": "rule_set_172" |
| 9163 | + }, |
| 9164 | + { |
| 9165 | + "name": "Rule_Description", |
| 9166 | + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
| 9167 | + "value": "Ensure that Secure Boot is enabled", |
| 9168 | + "remarks": "rule_set_172" |
| 9169 | + }, |
| 9170 | + { |
| 9171 | + "name": "Check_Id", |
| 9172 | + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
| 9173 | + "value": "secure_boot_enabled", |
| 9174 | + "remarks": "rule_set_172" |
| 9175 | + }, |
| 9176 | + { |
| 9177 | + "name": "Check_Description", |
| 9178 | + "ns": "https://oscal-compass.github.io/compliance-trestle/schemas/oscal/cd", |
| 9179 | + "value": "Ensure that Secure Boot is enabled", |
| 9180 | + "remarks": "rule_set_172" |
9157 | 9181 | } |
9158 | 9182 | ], |
9159 | 9183 | "control-implementations": [ |
|
0 commit comments