Mirrors/linux-baseline
2
0
Fork 0
mirror of https://github.com/dev-sec/linux-baseline synced 2024-11-22 11:13:02 +00:00
Code Issues Projects Releases Packages Wiki Activity
linux-baseline/inspec.yml
Martin Schurz 19825b5565 fix formating 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2023-11-19 16:49:11 +01:00

33 lines
1.3 KiB
YAML
Raw Blame History

---
name: linux-baseline
title: DevSec Linux Security Baseline
maintainer: DevSec Hardening Framework Team
copyright: DevSec Hardening Framework Team
copyright_email: hello@dev-sec.io
license: Apache-2.0
summary: Test suite for best practice Linux OS hardening
inspec_version: '>= 4.6.3'
version: 2.9.0
supports:
- os-family: linux
inputs:
- name: login_defs_umask
description: Default umask to set in login.defs
- name: login_defs_passmaxdays
description: Default password maxdays to set in login.defs
- name: login_defs_passmindays
description: Default password mindays to set in login.defs
- name: login_defs_passwarnage
description: Default password warnage (days) to set in login.defs
- name: blacklist
description: blacklist of suid/sgid program on system
- name: mount_exec_blocklist
description: List of mountpoints where 'noexec' mount option should be set
- name: mount_suid_blocklist
description: List of mountpoints where 'nosuid' mount option should be set
- name: mount_dev_blocklist
description: List of mountpoints where 'nodev' mount option should be set
- name: sysctl_forwarding
description: Is network forwarding needed?
- name: kernel_modules_disabled
description: Should loading of kernel modules be disabled?
Reference in a new issue View git blame Copy permalink