Commit graph

189 commits

Author SHA1 Message Date
Michael Geiger
c310414967 os-02: Fix for SUSE environments
Signed-off-by: Michael Geiger <michael.geiger@telekom.de>
2017-06-27 09:51:39 +02:00
Patrick Münch
21b6d82a2f Merge pull request #68 from dev-sec/chris-rock/spdx
use recommended spdx license identifier
2017-06-26 07:46:23 +02:00
Christoph Hartmann
5b52c3b5ae use recommended spdx license identifier
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-06-25 18:08:49 +02:00
Patrick Münch
e9d0e48d98 Merge pull request #66 from artem-forks/ruby-2.4
CI: update to ruby 2.4.1 and rubocop 0.49.1
2017-06-02 11:04:20 +02:00
Artem Sidorenko
16d47e8dc5 CI: update to ruby 2.4.1 and rubocop 0.49.1
Chef 13 is also using ruby 2.4.1 in the omnibus packages

Signed-off-by: Artem Sidorenko <artem@posteo.de>
2017-06-01 23:43:45 +02:00
Patrick Münch
105ec0fc99 Merge pull request #63 from artem-forks/num_logs
num_logs has different values on different distros
2017-05-31 11:56:23 +02:00
Christoph Hartmann
3a83bad322 Merge pull request #64 from dev-sec/ap/assignment_re-update
Use assignment_regex, only_if and bump profile version
2017-05-30 08:11:32 -04:00
Alex Pop
4f5fc943dd Use only_if to avoid upload warning 2017-05-30 11:37:27 +01:00
Alex Pop
085b42857e Use assignment_regex and bump profile version 2017-05-30 11:27:37 +01:00
Artem Sidorenko
4d63500d9a num_logs has different values on different distros
on debian 7 its 4, on everything else its 5

Lets remove this as it looks related only to logrotation
2017-05-27 21:53:57 +02:00
Patrick Münch
6563cb32dc Merge pull request #62 from artem-sidorenko/kernel-modules
Allow verification if kernel modules loading is disabled
2017-05-26 20:58:43 +02:00
Artem Sidorenko
deb96a624e Allow verification if kernel modules loading is disabled
Signed-off-by: Artem Sidorenko <artem@posteo.de>
2017-05-22 19:53:35 +02:00
Patrick Münch
a493413969 Merge pull request #61 from artem-sidorenko/audit-fixes
Fix: more generic auditd settings
2017-05-15 10:33:19 +02:00
Artem Sidorenko
97c7be99d2 Fix: more generic auditd settings
in order to match the defaults of all mainstream distros

Some of settings are removed, as the defaults of distros are different,
based on the intention of author [1] they are also not really important here

[1]: https://github.com/dev-sec/linux-baseline/pull/44#commitcomment-21381289

Signed-off-by: Artem Sidorenko <artem@posteo.de>
2017-05-10 23:53:43 +02:00
Christoph Hartmann
6648a15447 2.1.0
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2017-05-08 15:15:47 +02:00
Artem Sidorenko
6eeb5ec082 Merge pull request #58 from dev-sec/chris-rock/metadata
update metadata
2017-04-28 23:43:10 +02:00
Christoph Hartmann
390b256a2b update metadata 2017-04-28 22:21:14 +02:00
Christoph Hartmann
10af912275 Merge pull request #57 from atomic111/master
update gemfile
2017-04-04 10:28:47 +02:00
Patrick Münch
e2b85f26a9 update gemfile
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
2017-04-04 10:19:53 +02:00
Christoph Hartmann
07d60033b7 Merge pull request #56 from atomic111/master
restrict ruby testing to version 2.3.3
2017-04-04 10:07:02 +02:00
Patrick Münch
320d60ac1a restrict ruby testing to version 2.3.3
Signed-off-by: Patrick Münch <patrick.muench1111@gmail.com>
2017-04-04 10:02:06 +02:00
Patrick Münch
12b317ee26 Merge pull request #52 from artem-sidorenko/kernel-dump
Properly verify the kernel dump setting
2017-03-16 08:19:12 +01:00
Artem Sidorenko
e3df2dbb13 Verify the dump path only if dumpable is set to suidsafe
See this discussion 790371c5fd (commitcomment-21277650)
2017-03-13 19:56:44 +01:00
Artem Sidorenko
8f763e51b4 Properly verify the kernel dump setting
0 and 2 are the allowed options
2017-03-12 17:48:32 +01:00
Christoph Hartmann
58810fec3c Merge pull request #51 from iamthemuffinman/master
auditd package is called audit in the rhel family
2017-02-16 17:59:06 +01:00
iamthemuffinman
50f719d9f6 Use one block 2017-02-16 11:27:32 -05:00
iamthemuffinman
31ca8e8f98 auditd package is called audit in the rhel family 2017-02-15 17:16:40 -05:00
Patrick Münch
50e28b58ea Merge pull request #44 from juju4/master
essay: differentiate redhat/debian, add extra conditions
2017-02-08 21:07:28 +01:00
Patrick Münch
b4fd1b3440 Merge pull request #50 from techraf/ignore-inspec-lock
Ignore inspec.lock file
2017-01-14 09:44:34 +01:00
techraf
78f3747407 Ignore inspec.lock file 2017-01-14 13:41:54 +09:00
Patrick Münch
9032b67769 Merge pull request #49 from techraf/fix-duplicate-in-sysctl-16
Remove duplicated expectation from sysctl-16
2017-01-13 09:58:51 +01:00
techraf
7972eca00c Check 'net.ipv4.conf.default.send_redirects' instead of 'net.ipv4.conf.all.send_redirects' twice 2017-01-13 08:48:27 +09:00
Julien
f5f905d366 Merge branch 'master' into master 2017-01-03 18:22:30 +01:00
juju4
1ec817fe20 fix rubocop Conventions 2016-12-22 04:58:26 -05:00
juju4
ed00917131 fix rubocop Conventions 2016-12-22 04:55:31 -05:00
juju4
c27fc05aee fix rubocop Conventions 2016-12-22 04:50:09 -05:00
juju4
50abb79577 fix rubocop Conventions 2016-12-22 04:45:40 -05:00
juju4
1726723827 fix rubocop Conventions 2016-12-22 04:39:14 -05:00
juju4
f207161143 fix rubocop Conventions 2016-12-22 04:34:49 -05:00
juju4
e62cb3f0ef fix rubocop Conventions 2016-12-22 04:27:09 -05:00
juju4
4b029d7e99 fix rubocop Conventions 2016-12-22 04:23:07 -05:00
juju4
b2cd7ee312 fix rubocop Conventions 2016-12-22 04:17:32 -05:00
juju4
e297ff2b1e fix rubocop Warning and most Conventions 2016-12-22 04:09:07 -05:00
juju4
7878a04956 +travis.yml 2016-12-21 15:21:50 -05:00
juju4
3fc52ecadb rebase upstream 2016-12-21 15:19:16 -05:00
juju4
cdcc9f7721 use attributes, include PR feedback 2016-12-21 13:53:32 -05:00
Patrick Münch
462e066cdf Merge pull request #47 from dev-sec/chris-rock/readme
update links in readme
2016-12-21 19:19:36 +01:00
Christoph Hartmann
552bfb1abb update links in readme
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
2016-12-21 12:50:12 +01:00
Christoph Hartmann
43362f747f Merge pull request #46 from dev-sec/chris-rock/metadata
update profile metadata & tooling
2016-12-21 12:04:28 +01:00
Christoph Hartmann
b5429ffbd5 update profile metadata & tooling 2016-12-21 11:54:18 +01:00