CIS's assessment for rule 1.4.2 Ensure permissions on bootloader config are configured uses wrong /boot/grub/grub.cfg.
Issue Fixes:
N/A
Enhancements:
I think the current value defined within the variable ubtu22cis_grub_file(respectively /etc/default/grub.cfg) is wrong, as it is a mix between:
DEFAULT FILE: /etc/default/grub
THE AUTO-GENERATED GRUB FILE: /boot/grub/grub.cfg
So the current value /boot/grub/grub.cfg is a non-existant file, but CIS rule means /boot/grub/grub.cfg.
Thanks to @ipruteanu-sie for finding the issue ;-)
How has this been tested?:
Executing the task, look at the result, and CIS-CAT Scanner succeeds.
Overall Review of Changes:
CIS's assessment for rule 1.4.2 Ensure permissions on bootloader config are configured uses wrong
/boot/grub/grub.cfg
.Issue Fixes: N/A
Enhancements: I think the current value defined within the variable ubtu22cis_grub_file(respectively /etc/default/grub.cfg) is wrong, as it is a mix between:
DEFAULT FILE: /etc/default/grub THE AUTO-GENERATED GRUB FILE: /boot/grub/grub.cfg
So the current value
/boot/grub/grub.cfg
is a non-existant file, but CIS rule means/boot/grub/grub.cfg
.Thanks to @ipruteanu-sie for finding the issue ;-)
How has this been tested?:
Executing the task, look at the result, and CIS-CAT Scanner succeeds.