Ubuntu 22.04 STIG: disable_ctrlaltdel_burstaction included in check but not upstream

[jaredledvina]

Description of problem:

Currently, disable_ctrlaltdel_burstaction is marked in https://github.com/ComplianceAsCode/content/blob/21a4c72c55245b055fbf2d767beb7e7e704e37e7/products/ubuntu2204/profiles/stig.profile#L562

However, upstream the STIG control 260469 does not require/reference this rule. The check text is just

"Verify Ubuntu 22.04 LTS is not configured to reboot the system when Ctrl-Alt-Delete is pressed by using the following command: 

     $ systemctl status ctrl-alt-del.target 
     ctrl-alt-del.target 
          Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.) 
          Active: inactive (dead) 

If the ""ctrl-alt-del.target"" is not masked, this is a finding."

which is covered by the disable_ctrlaltdel_reboot check.

Details:

This content is not aligned with content from

The misalignment affects these profiles:

• Ubuntu 22.04 DISA STIG

The misalignment affects these rules:

• xccdf_org.ssgproject.content_rule_disable_ctrlaltdel_burstaction

Outcome:

• [x] This project's content can be improved:
  • [x] Check needs to be improved.
  • [ ] Remediation needs to be improved.
• [ ] The external content's check is faulty - the other party needs to be notified, they have work to do.

SCAP Security Guide Version: Unknown...how do I determine this?

External Content's Version: v2r2

[dodys]

@mpurg fyi

[mpurg]

Thanks for pointing this out @jaredledvina . Fixed in #12620