-
#### Description of problem:
A lot of ISM O rules doesn't have `ism` reference. The list of affected rules:
- audit_rules_login_events_tallylog
- sshd_disable_x11_forwarding
- service_fapolicyd_en…
-
This is a great project, and I was wondering if there is an automated testing system (or one planned) for running test cases against fapolicyd?
-
**Issue:** When fapolicyd fails to parse its config file, sees some errors in trust database, or just any kind of error, systemd will fail to load fapolicyd and will still continue loading the system.…
-
Formally raising the request to allow for fapolicyd to leverage globbing (fnmatch) within the ruleset. This is currently a TODO in the root of the repository:
https://github.com/linux-application-…
-
fapolicyd is currently disabled on the quay AMI because the openshift CLI tools are not installed using the RPMs from the rhocp repos. Switch the AMI builder to install using the RPMs and enable fapol…
-
I've been using fapolicyd for a few months now under Fedora 39.
I've encountered an issue that happens probably 1 in every 3 or 4 times when running eg. dnf update or dnf install.
fapolicyd will r…
-
For finding out which files in a directory tree are candidates to be included in the fapolicyd trust file, the `fapolicyd-cli` command with the option `-t` or `--ftype` can be used. The problem is tha…
-
We have created stable build instructions for fapolicyd (at this time, 1.0.4) on Amazon Linux 2.
They will work for the system in FIPS mode, as well as on the CIS Benchmark (tested, using the CIS L…
-
**Is your feature request related to a problem? Please describe.**
RKE2 sets the following fapolicyd rules when its in use on RHEL machines.
```
allow perm=any all : dir=/var/lib/rancher/
…
clbx updated
9 months ago
-
Since the installation only supports tgz, systems running fapolicyd (such as DISA STIG-compliant RHEL8+ servers) block splunk from executing. Below is a snippet of the rules preventing execution after…