Mirrors/linux-baseline
2
0
Fork 0
mirror of https://github.com/dev-sec/linux-baseline synced 2024-11-22 19:23:02 +00:00
Code Issues Projects Releases Packages Wiki Activity
379 commits 17 branches 31 tags 478 KiB
Commit graph

379 commits

This branch
This branch
All branches
Author SHA1 Message Date
Michée lengronne
86e23d4d56
Merge pull request #134 from dev-sec/version_alignment 
The release draft references the correct SHA
 2020-07-23 14:39:00 +02:00
Michée Lengronne
014d55093e The release draft references the correct SHA 
Signed-off-by: Michée Lengronne <michee.lengronne@coppint.com>
 2020-07-23 14:34:53 +02:00
dev-sec CI
85bc5a3709 update inspec.yml and changelog 2020-06-30 13:11:39 +00:00
Sebastian Gumprich
074a871d31
Merge pull request #132 from imjoseangel/feature/checkpasswdhashes 
Adds /etc/passwd format check
 2020-06-30 14:35:30 +02:00
imjoseangel
e20da94418 Removing exclamation as it is only for shadowi 
Signed-off-by: imjoseangel <josea.munoz@gmail.com>
 2020-06-30 14:14:55 +02:00
imjoseangel
748cfb26c8 Adds exclamation and asterisk as requested 
Signed-off-by: imjoseangel <josea.munoz@gmail.com>
 2020-06-29 23:13:21 +02:00
imjoseangel
3645c40723 Adds /etc/passwd format check 
Signed-off-by: imjoseangel <josea.munoz@gmail.com>
 2020-06-28 20:57:32 +02:00
dev-sec CI
1365044123 update inspec.yml and changelog 2020-05-19 14:30:13 +00:00
Michée lengronne
97a14b83a5
Merge pull request #131 from dev-sec/changelog_before 
CHANGELOG for RELEASE done before the push to avoid breaking
 2020-05-19 16:28:09 +02:00
Michée Lengronne
c19d1cf690 CHANGELOG for RELEASE done before the push to avoid breaking 
Signed-off-by: Michée Lengronne <michee.lengronne@coppint.com>
 2020-05-19 16:25:40 +02:00
dev-sec CI
ce128cb374 update inspec.yml and changelog 2020-05-19 14:03:49 +00:00
Michée lengronne
0df599e628
Merge pull request #130 from dev-sec/release_trigger 
release trigger
 2020-05-19 15:48:22 +02:00
Michée Lengronne
a3156b23e0 release trigger 
Signed-off-by: Michée Lengronne <michee.lengronne@coppint.com>
 2020-05-19 15:46:21 +02:00
dev-sec CI
3aaca7be98 update changelog 2020-05-19 10:20:02 +00:00
dev-sec CI
631a6f60a9 update inspec.yml and changelog 2020-05-19 10:17:21 +00:00
Michée lengronne
f5a477b56e
Merge pull request #129 from dev-sec/align_versions 
align versions
 2020-05-19 12:15:28 +02:00
Michée Lengronne
54150cb8d0 align versions 
Signed-off-by: Michée Lengronne <michee.lengronne@coppint.com>
 2020-05-19 12:12:47 +02:00
dev-sec CI
39912896da update changelog 2020-05-19 10:11:21 +00:00
dev-sec CI
e61a71dc21 update inspec.yml and changelog 2020-05-19 10:07:07 +00:00
Michée lengronne
09a94ba454
Merge pull request #128 from dev-sec/github_actions 
github actions
 2020-05-19 12:05:05 +02:00
Michée Lengronne
6021739fc5 github actions 
Signed-off-by: Michée Lengronne <michee.lengronne@coppint.com>
 2020-05-19 11:25:18 +02:00
Christoph Hartmann
cddd790870 2.4.0 2020-03-26 14:19:46 +01:00
Patrick Münch
1233a136f3
Merge pull request #125 from b-dean/allow-ipv6-forwarding 
skip the sysctl-19 control when sysctl_forwarding is true
 2019-12-12 08:17:21 +01:00
Ben Dean
295683c617
skip the sysctl-19 control when sysctl_forwarding is true 
fixes #124

Signed-off-by: Ben Dean <ben.dean@ontariosystems.com>
 2019-12-02 18:41:31 -05:00
Christoph Hartmann
eb81362d4e
Merge pull request #123 from dev-sec/missing-pkg-control 
add documentation for missing package-04 control
 2019-09-19 10:18:36 +02:00
Christoph Hartmann
2ea93b2d09 add documentation for missing package-04 control 
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
 2019-09-19 09:58:51 +02:00
Christoph Hartmann
fe0ac1c450
Merge pull request #119 from jjasghar/jjasghar/deprication 
Fixing some deprecation notices
 2019-09-19 09:54:08 +02:00
Artem Sidorenko
74df8a2d5a
Merge pull request #121 from foundulabs/samjmarshall/core_pattern 
Allow core dumps to be piped into a program with an absolute path.
 2019-07-19 15:06:37 +02:00
Artem Sidorenko
482a362460
Merge pull request #120 from foundulabs/samjmarshall/lowecase_auditd_flush_value 
Allow for lowercase auditd config flush value.
 2019-07-18 10:44:26 +02:00
Sam Marshall
11ef401187 Allow for lowercase auditd config flush value. 
Signed-off-by: Sam Marshall <sam@foundu.com.au>
 2019-07-18 09:49:50 +10:00
Sam Marshall
f7ce8028ee Allow core dumps to be piped into a program with an absolute path. 
Signed-off-by: Sam Marshall <sam@foundu.com.au>
 2019-07-18 09:43:53 +10:00
JJ Asghar
99c2ddd408 Fixing some deprecation notices 
`default` is being replaced by `value`

Signed-off-by: JJ Asghar <awesome@ibm.com>
Signed-off-by: JJ Asghar <jjasghar@gmail.com>
 2019-07-16 18:09:13 -05:00
Christoph Hartmann
de6eb848cc
Merge pull request #113 from dev-sec/ap/bump-version-2.3.0 
Bump version to 2.3.0 and switch to inspec 3 for check
 2019-05-15 10:26:02 +02:00
Alex Pop
f80f21a5a4 Bump version to 2.3.0 and update gems 
Signed-off-by: Alex Pop <alexpop@users.noreply.github.com>
 2019-05-14 23:35:51 +01:00
Alex Pop
d977b4eb26 Rubocop update 
Signed-off-by: Alex Pop <alexpop@users.noreply.github.com>
 2019-05-14 23:35:31 +01:00
Christophe van de Kerchove
601d1a4361 Add compatibility for alpine based images (#111) 
Adding compatibility for alpine based images on shadow file

Signed-off-by: Christophe van de Kerchove <christophe.vkerchove@fxinnovation.com>
 2019-03-07 21:14:24 +01:00
Artem Sidorenko
7c5a420516
Merge pull request #108 from cachedout/readme_grammar_fix 
Minor grammatical fix in README
 2018-12-20 15:32:57 +01:00
Mike Place
db2f45fe4e
Minor grammatical fix in README 
Signed-off-by: Mike Place <mp@saltstack.com>
 2018-12-20 07:27:41 -07:00
Artem Sidorenko
149a2589ab
Merge pull request #106 from dev-sec/templates 
Update issue templates
 2018-10-22 21:42:53 +02:00
Artem Sidorenko
8b3ea0c19c Adaptation for inspec baselines 
Signed-off-by: Artem Sidorenko <artem@posteo.de>
 2018-10-22 11:05:09 +02:00
Sebastian Gumprich
ffb384aa71 Update issue templates 
Signed-off-by: Sebastian Gumprich <github@gumpri.ch>
 2018-10-21 18:32:07 +02:00
Artem Sidorenko
ef738ef16e
Merge pull request #105 from IceBear2k/104-fix-os-11 
#104 Fix os-11 for Ubuntu 16.04 and newer
 2018-10-15 13:27:33 +02:00
IceBear2k
723838f365 Signed-off-by: IceBear2k <ib-github@myrl.net> 
Fix os-11 for Ubuntu 16.04 and newer
 2018-10-12 22:20:57 +02:00
Sebastian Gumprich
f4c39c8021 efi-check should run on remote host, not locally (#103) 2018-09-04 18:13:10 +02:00
Artem Sidorenko
bd145d4c88
Merge pull request #101 from juliandunn/patch-1 
update grammar in desc
 2018-08-14 07:51:52 +02:00
Julian C. Dunn
c5b995a432
update grammar in desc 2018-08-13 20:52:11 -07:00
Albert Avetisian
b301e7317a Update to test for rsh-server instead of duplicate telnetd (#98) 2018-07-19 16:01:07 +02:00
James Stocks
c19bef8459 Update to version 2.2.2 (#99) 
Signed-off-by: James Stocks <jstocks@chef.io>
 2018-07-19 15:58:36 +02:00
Artem Sidorenko
170bb04478
Merge pull request #96 from rndmh3ro/patch-1 
Do not disable vfat by default
 2018-07-16 10:05:13 +02:00
Sebastian Gumprich
cc989d80a7 Do not disable vfat by default 
On UEFI-systems the boot-partition is FAT by default (see [here](https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface/System_partition)).

If we disable vfat, these systems become unbootable. This has already bitten some users using ansible-os-hardening (https://github.com/dev-sec/ansible-os-hardening/issues/162, https://github.com/dev-sec/ansible-os-hardening/issues/145).

Therefore I propose we do not check for a disabled vfat filesystem, if efi is used on these systems
 2018-07-10 12:56:32 +02:00