search

ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats
https://complianceascode.readthedocs.io/en/latest/
Other
2.22k stars 698 forks source link

AIDE periodic crontab remediation #4825

Open 70k10 opened 5 years ago

70k10 commented 5 years ago

Description of Issue: The AIDE periodic crontab checks account for the majority of user cases, however the remdediation is set in stone. I would think it would be possible to make a variable and fill in the cron time field with whatever the user wants using a tailor file.

Ex. var = string value ( "5 0 *") or string value (@weekly)

$var /usr/sbin/aide --check

Could this be done with a single var file with type: string and options? options: default: "5 0 *" weekly: "@weekly"

Or would one need to use templates or force the user to set a variable for each cron time field?

I've dug around somewhat in the codebase so far, but I'm not seeing any examples where someone has done something similar. Also, is there a documented location for the variable file syntax? Maybe I didn't dig far enough.

Thanks

ggbecker commented 5 years ago

Unfortunately there is no variable available at the moment. This recent PR #4989 change things around this rule. You may want to take a look as it introduces test scenarios which can be used as example. The OVAL was adjusted to accept broader configurations.