fervidus / secure_linux_cis

Apache License 2.0

[Q] rhel7 3.0.0 #69

Open marcelfischer opened 3 years ago

marcelfischer commented 3 years ago

Hi, 3.0.0 and 3.0.1 for rhel7 were released some time ago. I adjusted the module for 3.0.0. Are you interested in a pull request? But since we're not using the firewall part, this would be missing.

bjvrielink commented 3 years ago

For what products are these versions?

marcelfischer commented 3 years ago

Sorry, I'm talking about "CIS Red Hat Enterprise Linux 7 Benchmark". Version 3.0.0 was released on Jun 25 2020. The rules numbering changed a lot. Probably there is also a new version for CentOS and Oracle Linux, but I haven't checked that. See: https://www.cisecurity.org/blog/cis-benchmarks-july-2020-update/

bjvrielink commented 3 years ago

Pull requests are always welcome. I haven't looked in detail into this update; are there other changes except the numbering?

A renumbering of the rules also means that people that use the $include_rules/$exclude_rules parameters for this module must change their Puppet configuration to match this change. We may want to bump the major version of this module when it is released?

marcelfischer commented 3 years ago

Yes, sadly we had to review all activated rules to make sure that we do not accidentally activate something else now. Some content changed also:

So I had to create 6 new rules classes. And you need to change almost every class in distribution::rhel7 and distribution::centos7.

Probably it makes sense to bump the major version.

marcelfischer commented 3 years ago

I quickly checked the difference in firewall between rhel7 and rhel8 CIS. Looks pretty similar. So I guess I could also make the changes for this.