From 3507fcf4d20820f6f8f997b98a92e2dfc14131b1 Mon Sep 17 00:00:00 2001 From: Alan Moore Date: Mon, 17 Feb 2025 17:37:23 +0000 Subject: [PATCH] modify rule.yaml files to change the parameter name of file_owner template from fileuid to uid_or_name --- .../file_ownership_audit_configuration/rule.yml | 2 +- .../file_ownership_audit_binaries/rule.yml | 2 +- .../guide/services/cron_and_at/file_owner_cron_d/rule.yml | 2 +- .../guide/services/cron_and_at/file_owner_cron_daily/rule.yml | 2 +- .../guide/services/cron_and_at/file_owner_cron_deny/rule.yml | 2 +- .../services/cron_and_at/file_owner_cron_hourly/rule.yml | 2 +- .../services/cron_and_at/file_owner_cron_monthly/rule.yml | 2 +- .../services/cron_and_at/file_owner_cron_weekly/rule.yml | 2 +- .../guide/services/cron_and_at/file_owner_crontab/rule.yml | 2 +- .../restrict_at_cron_users/file_at_allow_exists/rule.yml | 2 +- .../restrict_at_cron_users/file_cron_allow_exists/rule.yml | 2 +- .../restrict_at_cron_users/file_owner_at_allow/rule.yml | 2 +- .../restrict_at_cron_users/file_owner_at_deny/rule.yml | 2 +- .../restrict_at_cron_users/file_owner_cron_allow/rule.yml | 2 +- .../guide/services/ntp/file_owner_etc_chrony_keys/rule.yml | 2 +- .../inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml | 2 +- .../inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml | 2 +- .../guide/services/ssh/directory_owner_sshd_config_d/rule.yml | 2 +- linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml | 2 +- .../services/ssh/file_owner_sshd_drop_in_config/rule.yml | 2 +- .../services/ssh/file_ownership_sshd_private_key/rule.yml | 2 +- .../guide/services/ssh/file_ownership_sshd_pub_key/rule.yml | 2 +- .../accounts/accounts-banners/file_owner_etc_issue/rule.yml | 4 ++-- .../accounts-banners/file_owner_etc_issue_net/rule.yml | 2 +- .../accounts/accounts-banners/file_owner_etc_motd/rule.yml | 2 +- .../accounts/accounts-session/file_ownership_lastlog/rule.yml | 2 +- .../bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml | 2 +- .../bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml | 2 +- .../bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml | 2 +- .../bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml | 2 +- .../system/logging/journald/dir_owner_system_journal/rule.yml | 2 +- .../system/logging/journald/file_owner_journalctl/rule.yml | 2 +- .../logging/journald/file_owner_system_journal/rule.yml | 4 ++-- .../network/network-ipsec/directory_owner_etc_ipsecd/rule.yml | 2 +- .../network/network-ipsec/file_owner_etc_ipsec_conf/rule.yml | 2 +- .../network-ipsec/file_owner_etc_ipsec_secrets/rule.yml | 2 +- .../network-iptables/directory_owner_etc_iptables/rule.yml | 2 +- .../network-nftables/directory_owner_etc_nftables/rule.yml | 2 +- .../system/permissions/files/file_owner_etc_crypttab/rule.yml | 2 +- .../system/permissions/files/file_owner_systemmap/rule.yml | 2 +- .../file_owner_backup_etc_group/rule.yml | 2 +- .../file_owner_backup_etc_gshadow/rule.yml | 2 +- .../file_owner_backup_etc_passwd/rule.yml | 2 +- .../file_owner_backup_etc_shadow/rule.yml | 2 +- .../file_owner_etc_group/rule.yml | 2 +- .../file_owner_etc_gshadow/rule.yml | 2 +- .../file_owner_etc_passwd/rule.yml | 2 +- .../file_owner_etc_security_opasswd/rule.yml | 2 +- .../file_owner_etc_security_opasswd_old/rule.yml | 2 +- .../file_owner_etc_shadow/rule.yml | 2 +- .../file_owner_etc_shells/rule.yml | 2 +- .../files/permissions_var_log_dir/file_owner_var_log/rule.yml | 2 +- .../file_owner_var_log_messages/rule.yml | 2 +- .../file_owner_var_log_syslog/rule.yml | 2 +- .../dir_ownership_binary_dirs/rule.yml | 2 +- .../dir_ownership_library_dirs/rule.yml | 2 +- .../directory_owner_etc_sysctld/rule.yml | 2 +- .../file_ownership_library_dirs/rule.yml | 2 +- .../guide/system/selinux/directory_owner_etc_selinux/rule.yml | 2 +- .../system/selinux/file_owner_etc_sestatus_conf/rule.yml | 2 +- .../aide/file_audit_tools_ownership/rule.yml | 2 +- .../software/sudo/directory_owner_etc_sudoersd/rule.yml | 2 +- .../system/software/sudo/file_owner_etc_sudoers/rule.yml | 2 +- 63 files changed, 65 insertions(+), 65 deletions(-) diff --git a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_audit_configuration/rule.yml b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_audit_configuration/rule.yml index 273a78e5092..ce695a321a4 100644 --- a/linux_os/guide/auditing/auditd_configure_rules/file_ownership_audit_configuration/rule.yml +++ b/linux_os/guide/auditing/auditd_configure_rules/file_ownership_audit_configuration/rule.yml @@ -43,4 +43,4 @@ template: file_regex: - ^.*audit(\.rules|d\.conf)$ - ^.*\.rules$ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/auditing/file_permissions_auditd/file_ownership_audit_binaries/rule.yml b/linux_os/guide/auditing/file_permissions_auditd/file_ownership_audit_binaries/rule.yml index bc958db65d1..392d20b8e64 100644 --- a/linux_os/guide/auditing/file_permissions_auditd/file_ownership_audit_binaries/rule.yml +++ b/linux_os/guide/auditing/file_permissions_auditd/file_ownership_audit_binaries/rule.yml @@ -80,4 +80,4 @@ template: - /sbin/auditd {{% if 'rhel' not in product %}}- /sbin/audispd{{% endif %}} - /sbin/augenrules - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml index a0a0e4263f3..09c069909a6 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/cron.d/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml index 7eee9b7c290..3e9bc5300f2 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/cron.daily/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml index 48a5bfdf2d6..98f5e18ce3f 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml @@ -37,5 +37,5 @@ template: name: file_owner vars: filepath: /etc/cron.deny - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml index cbfe726cddf..34d76b264a7 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/cron.hourly/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml index 4d7d459ed9e..bdf4bbf2112 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/cron.monthly/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml index 011795f8ce7..238f6f74826 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/cron.weekly/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml index 85bdf6a18d3..48d90300d05 100644 --- a/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml +++ b/linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/crontab - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_allow_exists/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_allow_exists/rule.yml index 51e89f297c8..4322733735c 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_allow_exists/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_allow_exists/rule.yml @@ -28,5 +28,5 @@ template: vars: filepath: /etc/at.allow exists: true - fileuid: "0" + uid_or_name: "0" filemode: "0640" diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml index 369f0c9c955..776fef84a28 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml @@ -35,5 +35,5 @@ template: vars: filepath: /etc/cron.allow exists: true - fileuid: "0" + uid_or_name: "0" filemode: "0600" diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml index a36b945c3fb..7e6af9b398e 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml @@ -37,4 +37,4 @@ template: name: file_owner vars: filepath: /etc/at.allow - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_deny/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_deny/rule.yml index 46ea7880ffb..ee9ba15d7ad 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_deny/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_deny/rule.yml @@ -23,4 +23,4 @@ template: name: file_owner vars: filepath: /etc/at.deny - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml index 78526c7da3a..c67276e9c81 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_cron_allow/rule.yml @@ -45,4 +45,4 @@ template: name: file_owner vars: filepath: /etc/cron.allow - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/ntp/file_owner_etc_chrony_keys/rule.yml b/linux_os/guide/services/ntp/file_owner_etc_chrony_keys/rule.yml index 685943cf9df..683af7223c1 100644 --- a/linux_os/guide/services/ntp/file_owner_etc_chrony_keys/rule.yml +++ b/linux_os/guide/services/ntp/file_owner_etc_chrony_keys/rule.yml @@ -30,4 +30,4 @@ template: name: file_owner vars: filepath: /etc/chrony.keys - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml index fcdc03a77d0..a22b9c727a9 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_allow/rule.yml @@ -22,4 +22,4 @@ template: name: file_owner vars: filepath: /etc/hosts.allow - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml index 25d1c914b25..4ae08c382cf 100644 --- a/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml +++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/file_owner_etc_hosts_deny/rule.yml @@ -22,4 +22,4 @@ template: name: file_owner vars: filepath: /etc/hosts.deny - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/ssh/directory_owner_sshd_config_d/rule.yml b/linux_os/guide/services/ssh/directory_owner_sshd_config_d/rule.yml index 7150add497c..65ec7c47e89 100644 --- a/linux_os/guide/services/ssh/directory_owner_sshd_config_d/rule.yml +++ b/linux_os/guide/services/ssh/directory_owner_sshd_config_d/rule.yml @@ -42,4 +42,4 @@ template: name: file_owner vars: filepath: '/etc/ssh/sshd_config.d/' - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml index 800004e9d1d..c6854bf60e4 100644 --- a/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml +++ b/linux_os/guide/services/ssh/file_owner_sshd_config/rule.yml @@ -52,4 +52,4 @@ template: name: file_owner vars: filepath: /etc/ssh/sshd_config - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/ssh/file_owner_sshd_drop_in_config/rule.yml b/linux_os/guide/services/ssh/file_owner_sshd_drop_in_config/rule.yml index a625d1c7682..34dafbb6572 100644 --- a/linux_os/guide/services/ssh/file_owner_sshd_drop_in_config/rule.yml +++ b/linux_os/guide/services/ssh/file_owner_sshd_drop_in_config/rule.yml @@ -44,4 +44,4 @@ template: vars: filepath: '/etc/ssh/sshd_config.d/' file_regex: '^.*$' - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/rule.yml b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/rule.yml index dbe08971222..49e15472edb 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_private_key/rule.yml +++ b/linux_os/guide/services/ssh/file_ownership_sshd_private_key/rule.yml @@ -28,7 +28,7 @@ template: - /etc/ssh/ file_regex: - ^.*_key$ - fileuid: '0' + uid_or_name: '0' warnings: - general: |- diff --git a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/rule.yml b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/rule.yml index afb33a8d820..6da23ad7d71 100644 --- a/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/rule.yml +++ b/linux_os/guide/services/ssh/file_ownership_sshd_pub_key/rule.yml @@ -29,7 +29,7 @@ template: - /etc/ssh/ file_regex: - ^.*\.pub$ - fileuid: '0' + uid_or_name: '0' warnings: - general: |- diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml index 159422e87c6..7b4ac397b69 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue/rule.yml @@ -40,7 +40,7 @@ template: name: file_owner vars: filepath: /etc/issue.d/ - fileuid: '0' + uid_or_name: '0' file_regex: ^.*$ recursive: 'true' {{%- else %}} @@ -48,5 +48,5 @@ template: name: file_owner vars: filepath: /etc/issue - fileuid: '0' + uid_or_name: '0' {{%- endif -%}} diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml index 95cd710d2e9..d38c08ac726 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_issue_net/rule.yml @@ -39,4 +39,4 @@ template: name: file_owner vars: filepath: /etc/issue.net - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml index 4ed30200757..81c04b159a0 100644 --- a/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml +++ b/linux_os/guide/system/accounts/accounts-banners/file_owner_etc_motd/rule.yml @@ -39,4 +39,4 @@ template: name: file_owner vars: filepath: /etc/motd - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/accounts/accounts-session/file_ownership_lastlog/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_ownership_lastlog/rule.yml index eeb591bf11a..e26e5c2a7b2 100644 --- a/linux_os/guide/system/accounts/accounts-session/file_ownership_lastlog/rule.yml +++ b/linux_os/guide/system/accounts/accounts-session/file_ownership_lastlog/rule.yml @@ -31,4 +31,4 @@ template: name: file_owner vars: filepath: /usr/bin/lastlog - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml index df37562abf4..c32853604b7 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_grub2_cfg/rule.yml @@ -56,4 +56,4 @@ template: name: file_owner vars: filepath: {{{ grub2_boot_path }}}/grub.cfg - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml index b4f7e80ba4c..fcaff769d4b 100644 --- a/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/non-uefi/file_owner_user_cfg/rule.yml @@ -45,4 +45,4 @@ template: name: file_owner vars: filepath: {{{ grub2_boot_path }}}/user.cfg - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml index acbf05579a4..2331d7093a1 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml @@ -41,4 +41,4 @@ template: name: file_owner vars: filepath: {{{ grub2_uefi_boot_path }}}/grub.cfg - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml index ff55a8112e1..9d5b6dfd99d 100644 --- a/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml +++ b/linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_user_cfg/rule.yml @@ -43,4 +43,4 @@ template: name: file_owner vars: filepath: {{{ grub2_uefi_boot_path }}}/user.cfg - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/logging/journald/dir_owner_system_journal/rule.yml b/linux_os/guide/system/logging/journald/dir_owner_system_journal/rule.yml index 68fae279aa0..66b9fd09aa6 100644 --- a/linux_os/guide/system/logging/journald/dir_owner_system_journal/rule.yml +++ b/linux_os/guide/system/logging/journald/dir_owner_system_journal/rule.yml @@ -40,4 +40,4 @@ template: - /run/log/journal/ - /var/log/journal/ recursive: 'true' - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/logging/journald/file_owner_journalctl/rule.yml b/linux_os/guide/system/logging/journald/file_owner_journalctl/rule.yml index f137841ddbe..24e08d5dfb5 100644 --- a/linux_os/guide/system/logging/journald/file_owner_journalctl/rule.yml +++ b/linux_os/guide/system/logging/journald/file_owner_journalctl/rule.yml @@ -33,4 +33,4 @@ template: name: file_owner vars: filepath: /usr/bin/journalctl - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/logging/journald/file_owner_system_journal/rule.yml b/linux_os/guide/system/logging/journald/file_owner_system_journal/rule.yml index e3cf5b3d74d..a3599b34daf 100644 --- a/linux_os/guide/system/logging/journald/file_owner_system_journal/rule.yml +++ b/linux_os/guide/system/logging/journald/file_owner_system_journal/rule.yml @@ -61,11 +61,11 @@ template: - /var/log/journal/ recursive: 'true' file_regex: ^.*$ - fileuid: '0' + uid_or_name: '0' {{%- else %}} filepath: ^/var/log/journal/.*/system.journal$ - fileuid: '0' + uid_or_name: '0' filepath_is_regex: "true" {{%- endif %}} diff --git a/linux_os/guide/system/network/network-ipsec/directory_owner_etc_ipsecd/rule.yml b/linux_os/guide/system/network/network-ipsec/directory_owner_etc_ipsecd/rule.yml index d890e4fa256..5ba48d03235 100644 --- a/linux_os/guide/system/network/network-ipsec/directory_owner_etc_ipsecd/rule.yml +++ b/linux_os/guide/system/network/network-ipsec/directory_owner_etc_ipsecd/rule.yml @@ -32,4 +32,4 @@ template: name: file_owner vars: filepath: /etc/ipsec.d/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_conf/rule.yml b/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_conf/rule.yml index e391ed839d4..d34d4508376 100644 --- a/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_conf/rule.yml +++ b/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_conf/rule.yml @@ -32,4 +32,4 @@ template: name: file_owner vars: filepath: /etc/ipsec.conf - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_secrets/rule.yml b/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_secrets/rule.yml index 00210840934..e852dc2af01 100644 --- a/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_secrets/rule.yml +++ b/linux_os/guide/system/network/network-ipsec/file_owner_etc_ipsec_secrets/rule.yml @@ -32,4 +32,4 @@ template: name: file_owner vars: filepath: /etc/ipsec.secrets - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/network/network-iptables/directory_owner_etc_iptables/rule.yml b/linux_os/guide/system/network/network-iptables/directory_owner_etc_iptables/rule.yml index 2907323abc5..73bee571031 100644 --- a/linux_os/guide/system/network/network-iptables/directory_owner_etc_iptables/rule.yml +++ b/linux_os/guide/system/network/network-iptables/directory_owner_etc_iptables/rule.yml @@ -32,4 +32,4 @@ template: name: file_owner vars: filepath: /etc/iptables/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/network/network-nftables/directory_owner_etc_nftables/rule.yml b/linux_os/guide/system/network/network-nftables/directory_owner_etc_nftables/rule.yml index f03f53ce233..fcce81a3b41 100644 --- a/linux_os/guide/system/network/network-nftables/directory_owner_etc_nftables/rule.yml +++ b/linux_os/guide/system/network/network-nftables/directory_owner_etc_nftables/rule.yml @@ -32,4 +32,4 @@ template: name: file_owner vars: filepath: /etc/nftables/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/file_owner_etc_crypttab/rule.yml b/linux_os/guide/system/permissions/files/file_owner_etc_crypttab/rule.yml index 9ac3a2a1be3..e6816a9a9f3 100644 --- a/linux_os/guide/system/permissions/files/file_owner_etc_crypttab/rule.yml +++ b/linux_os/guide/system/permissions/files/file_owner_etc_crypttab/rule.yml @@ -31,4 +31,4 @@ template: name: file_owner vars: filepath: /etc/crypttab - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/file_owner_systemmap/rule.yml b/linux_os/guide/system/permissions/files/file_owner_systemmap/rule.yml index dc143066ebb..ae4c378330f 100644 --- a/linux_os/guide/system/permissions/files/file_owner_systemmap/rule.yml +++ b/linux_os/guide/system/permissions/files/file_owner_systemmap/rule.yml @@ -31,4 +31,4 @@ template: vars: filepath: /boot/ file_regex: ^.*System\.map.*$ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml index ab40b467e41..8806073b15c 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_group/rule.yml @@ -43,4 +43,4 @@ template: name: file_owner vars: filepath: /etc/group- - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml index d7785ebb700..f41c92b5831 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_gshadow/rule.yml @@ -43,4 +43,4 @@ template: name: file_owner vars: filepath: /etc/gshadow- - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml index e70960eed95..5388e1d2703 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_passwd/rule.yml @@ -43,4 +43,4 @@ template: name: file_owner vars: filepath: /etc/passwd- - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml index e02822ac935..dfb4a79a4f1 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_backup_etc_shadow/rule.yml @@ -43,4 +43,4 @@ template: name: file_owner vars: filepath: /etc/shadow- - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml index 54b936d63d0..d91d09962fb 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml @@ -50,4 +50,4 @@ template: name: file_owner vars: filepath: /etc/group - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml index b0ec153b0e3..f10f9d54158 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml @@ -48,4 +48,4 @@ template: name: file_owner vars: filepath: /etc/gshadow - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml index 1127f332150..124c190129c 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml @@ -50,4 +50,4 @@ template: name: file_owner vars: filepath: /etc/passwd - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd/rule.yml index 4604d9ac0fd..d277c609a43 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd/rule.yml @@ -23,4 +23,4 @@ template: name: file_owner vars: filepath: /etc/security/opasswd - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd_old/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd_old/rule.yml index 12240298f12..28f0f9a5f92 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd_old/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_security_opasswd_old/rule.yml @@ -23,4 +23,4 @@ template: name: file_owner vars: filepath: /etc/security/opasswd.old - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml index 5fdc5b44fe4..1b5e5367d94 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml @@ -53,4 +53,4 @@ template: name: file_owner vars: filepath: /etc/shadow - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shells/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shells/rule.yml index aa481b3d436..5ba04077c2e 100644 --- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shells/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shells/rule.yml @@ -34,4 +34,4 @@ template: name: file_owner vars: filepath: /etc/shells - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml index c098f043b90..25d4b429a3f 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log/rule.yml @@ -34,7 +34,7 @@ template: name: file_owner vars: filepath: /var/log/ - fileuid: '0' + uid_or_name: '0' fixtext: |- {{{ describe_file_owner(file="/var/log", owner="root") }}} diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml index b17311a2418..eab1808b1c2 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_messages/rule.yml @@ -30,7 +30,7 @@ template: name: file_owner vars: filepath: /var/log/messages - fileuid: '0' + uid_or_name: '0' fixtext: |- {{{ describe_file_owner(file="/var/log/messages", owner="root") }}} diff --git a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_syslog/rule.yml b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_syslog/rule.yml index 40cfa5dfd93..d3578d5de6a 100644 --- a/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_syslog/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_var_log_dir/file_owner_var_log_syslog/rule.yml @@ -25,4 +25,4 @@ template: name: file_owner vars: filepath: /var/log/syslog - fileuid: '104' + uid_or_name: syslog diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_binary_dirs/rule.yml index d37c3d907aa..0a19c9d2745 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_binary_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_binary_dirs/rule.yml @@ -53,4 +53,4 @@ template: - /usr/local/bin/ - /usr/local/sbin/ recursive: 'true' - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml index 3fcdad61077..d7cad121a62 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/dir_ownership_library_dirs/rule.yml @@ -61,7 +61,7 @@ template: - /usr/lib/ - /usr/lib64/ recursive: 'true' - fileuid: '0' + uid_or_name: '0' fixtext: |- Configure the system-wide shared library directories within (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/directory_owner_etc_sysctld/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/directory_owner_etc_sysctld/rule.yml index be40ab2c775..0676ad88499 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/directory_owner_etc_sysctld/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/directory_owner_etc_sysctld/rule.yml @@ -32,4 +32,4 @@ template: name: file_owner vars: filepath: /etc/sysctl.d/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml index 2f00b19b340..b70d4f6364d 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml @@ -68,7 +68,7 @@ template: - /usr/lib64/ recursive: 'true' file_regex: ^.*$ - fileuid: '0' + uid_or_name: '0' fixtext: |- Configure the system-wide shared library files (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. diff --git a/linux_os/guide/system/selinux/directory_owner_etc_selinux/rule.yml b/linux_os/guide/system/selinux/directory_owner_etc_selinux/rule.yml index 00f925f7cc9..4c8d01f8640 100644 --- a/linux_os/guide/system/selinux/directory_owner_etc_selinux/rule.yml +++ b/linux_os/guide/system/selinux/directory_owner_etc_selinux/rule.yml @@ -30,4 +30,4 @@ template: name: file_owner vars: filepath: /etc/selinux/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/selinux/file_owner_etc_sestatus_conf/rule.yml b/linux_os/guide/system/selinux/file_owner_etc_sestatus_conf/rule.yml index 12cd006181d..ba62bf3c001 100644 --- a/linux_os/guide/system/selinux/file_owner_etc_sestatus_conf/rule.yml +++ b/linux_os/guide/system/selinux/file_owner_etc_sestatus_conf/rule.yml @@ -30,4 +30,4 @@ template: name: file_owner vars: filepath: /etc/sestatus.conf - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml index 881a996aed7..820374e1887 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/file_audit_tools_ownership/rule.yml @@ -65,4 +65,4 @@ template: - /sbin/auditd - /sbin/rsyslogd - /sbin/augenrules - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/software/sudo/directory_owner_etc_sudoersd/rule.yml b/linux_os/guide/system/software/sudo/directory_owner_etc_sudoersd/rule.yml index 259db96bb96..5ef16b189ba 100644 --- a/linux_os/guide/system/software/sudo/directory_owner_etc_sudoersd/rule.yml +++ b/linux_os/guide/system/software/sudo/directory_owner_etc_sudoersd/rule.yml @@ -30,4 +30,4 @@ template: name: file_owner vars: filepath: /etc/sudoers.d/ - fileuid: '0' + uid_or_name: '0' diff --git a/linux_os/guide/system/software/sudo/file_owner_etc_sudoers/rule.yml b/linux_os/guide/system/software/sudo/file_owner_etc_sudoers/rule.yml index bb0c8fec4ce..a1e02385222 100644 --- a/linux_os/guide/system/software/sudo/file_owner_etc_sudoers/rule.yml +++ b/linux_os/guide/system/software/sudo/file_owner_etc_sudoers/rule.yml @@ -30,4 +30,4 @@ template: name: file_owner vars: filepath: /etc/sudoers - fileuid: '0' + uid_or_name: '0'