Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update RHEL 9 STIG to V2R2 #12551

Open
wants to merge 6 commits into
base: master
Choose a base branch
from

Conversation

Mab879
Copy link
Member

@Mab879 Mab879 commented Oct 29, 2024

Description:

  • Description here. Replace this text. Don't use the italics format!

Rationale:

@Mab879 Mab879 added New Rule Issues or pull requests related to new Rules. RHEL9 Red Hat Enterprise Linux 9 product related. Update Profile Issues or pull requests related to Profiles updates. STIG STIG Benchmark related. labels Oct 29, 2024
@Mab879 Mab879 added this to the 0.1.75 milestone Oct 29, 2024
Copy link

Start a new ephemeral environment with changes proposed in this pull request:

rhel9 (from CTF) Environment (using Fedora as testing environment)
Open in Gitpod

Fedora Testing Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

Copy link

This datastream diff is auto generated by the check Compare DS/Generate Diff.
Due to the excessive size of the diff, it has been trimmed to fit the 65535-character limit.

Click here to see the trimmed diff
New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_crypto_policy'.
--- xccdf_org.ssgproject.content_rule_configure_crypto_policy
+++ xccdf_org.ssgproject.content_rule_configure_crypto_policy
@@ -158,7 +158,7 @@
 SV-258238r991554_rule
 
 [reference]:
-SV-258241r987791_rule
+SV-258241r1017572_rule
 
 [rationale]:
 Centralized cryptographic policies simplify applying secure ciphers across an operating system and

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy'.
--- xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy
+++ xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy
@@ -79,12 +79,6 @@
 [reference]:
 2.2
 
-[reference]:
-RHEL-09-255055
-
-[reference]:
-SV-257987r991554_rule
-
 [rationale]:
 Overriding the system crypto policy makes the behavior of the SSH service violate expectations,
 and makes system configuration more fragmented.

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy' differs.
--- xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy
+++ xccdf_org.ssgproject.content_rule_configure_ssh_crypto_policy
@@ -5,7 +5,6 @@
     regexp: (?i)^\s*CRYPTO_POLICY.*$
   tags:
   - CCE-83445-7
-  - DISA-STIG-RHEL-09-255055
   - NIST-800-53-AC-17(2)
   - NIST-800-53-AC-17(a)
   - NIST-800-53-CM-6(a)

New content has different text for rule 'xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy'.
--- xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy
+++ xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_opensshserver_conf_crypto_policy
@@ -46,7 +46,13 @@
 SRG-OS-000250-GPOS-00093
 
 [reference]:
+RHEL-09-255055
+
+[reference]:
 RHEL-09-255065
+
+[reference]:
+SV-257987r1014852_rule
 
 [reference]:
 SV-257989r991554_rule

New content has different text for rule 'xccdf_org.ssgproject.content_rule_encrypt_partitions'.
--- xccdf_org.ssgproject.content_rule_encrypt_partitions
+++ xccdf_org.ssgproject.content_rule_encrypt_partitions
@@ -233,7 +233,7 @@
 RHEL-09-231190
 
 [reference]:
-SV-257879r958872_rule
+SV-257879r1014836_rule
 
 [rationale]:
 The risk of a system's physical compromise, particularly mobile systems such as

New content has different text for rule 'xccdf_org.ssgproject.content_rule_dconf_gnome_disable_restart_shutdown'.
--- xccdf_org.ssgproject.content_rule_dconf_gnome_disable_restart_shutdown
+++ xccdf_org.ssgproject.content_rule_dconf_gnome_disable_restart_shutdown
@@ -165,7 +165,7 @@
 RHEL-09-271100
 
 [reference]:
-SV-258029r991589_rule
+SV-258029r1014857_rule
 
 [reference]:
 SV-258030r991589_rule

New content has different text for rule 'xccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal'.
--- xccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal
+++ xccdf_org.ssgproject.content_rule_dconf_gnome_lock_screen_on_smartcard_removal
@@ -37,10 +37,10 @@
 RHEL-09-271050
 
 [reference]:
-SV-258019r997071_rule
+SV-258019r1015086_rule
 
 [reference]:
-SV-258020r997072_rule
+SV-258020r1015087_rule
 
 [rationale]:
 Locking the screen automatically when removing the smartcard can

New content has different text for rule 'xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled'.
--- xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled
+++ xccdf_org.ssgproject.content_rule_dconf_gnome_screensaver_lock_enabled
@@ -142,10 +142,10 @@
 RHEL-09-271060
 
 [reference]:
-SV-258021r997073_rule
+SV-258021r1015088_rule
 
 [reference]:
-SV-258022r997074_rule
+SV-258022r1015089_rule
 
 [rationale]:
 A session lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate'.
--- xccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate
+++ xccdf_org.ssgproject.content_rule_sudo_remove_no_authenticate
@@ -147,7 +147,7 @@
 RHEL-09-432025
 
 [reference]:
-SV-258086r997081_rule
+SV-258086r1015095_rule
 
 [rationale]:
 Without re-authentication, users may access resources or perform tasks for which they

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sudo_remove_nopasswd'.
--- xccdf_org.ssgproject.content_rule_sudo_remove_nopasswd
+++ xccdf_org.ssgproject.content_rule_sudo_remove_nopasswd
@@ -148,7 +148,7 @@
 RHEL-09-611085
 
 [reference]:
-SV-258106r997092_rule
+SV-258106r1015106_rule
 
 [rationale]:
 Without re-authentication, users may access resources or perform tasks for which they

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sudo_require_reauthentication'.
--- xccdf_org.ssgproject.content_rule_sudo_require_reauthentication
+++ xccdf_org.ssgproject.content_rule_sudo_require_reauthentication
@@ -46,7 +46,7 @@
 RHEL-09-432015
 
 [reference]:
-SV-258084r997080_rule
+SV-258084r1015094_rule
 
 [rationale]:
 Without re-authentication, users may access resources or perform tasks for which they

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_subscription-manager_installed'.
--- xccdf_org.ssgproject.content_rule_package_subscription-manager_installed
+++ xccdf_org.ssgproject.content_rule_package_subscription-manager_installed
@@ -47,7 +47,7 @@
 RHEL-09-215010
 
 [reference]:
-SV-257825r997056_rule
+SV-257825r1015079_rule
 
 [rationale]:
 Red Hat Subscription Manager is a local service which tracks installed products

New content has different text for rule 'xccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated'.
--- xccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated
+++ xccdf_org.ssgproject.content_rule_ensure_gpgcheck_globally_activated
@@ -188,7 +188,7 @@
 RHEL-09-214015
 
 [reference]:
-SV-257820r997053_rule
+SV-257820r1015076_rule
 
 [rationale]:
 Changes to any software components can have significant effects on the

New content has different text for rule 'xccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages'.
--- xccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages
+++ xccdf_org.ssgproject.content_rule_ensure_gpgcheck_local_packages
@@ -113,7 +113,7 @@
 RHEL-09-214020
 
 [reference]:
-SV-257821r997054_rule
+SV-257821r1015077_rule
 
 [rationale]:
 Changes to any software components can have significant effects to the overall security

New content has different text for rule 'xccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled'.
--- xccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled
+++ xccdf_org.ssgproject.content_rule_ensure_gpgcheck_never_disabled
@@ -182,7 +182,7 @@
 RHEL-09-214025
 
 [reference]:
-SV-257822r997055_rule
+SV-257822r1015078_rule
 
 [rationale]:
 Verifying the authenticity of the software prior to installation validates

New content has different text for rule 'xccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed'.
--- xccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed
+++ xccdf_org.ssgproject.content_rule_ensure_redhat_gpgkey_installed
@@ -201,7 +201,7 @@
 RHEL-09-214010
 
 [reference]:
-SV-257819r997052_rule
+SV-257819r1015075_rule
 
 [rationale]:
 Changes to software components can have significant effects on the overall

New content has different text for rule 'xccdf_org.ssgproject.content_rule_dconf_gnome_banner_enabled'.
--- xccdf_org.ssgproject.content_rule_dconf_gnome_banner_enabled
+++ xccdf_org.ssgproject.content_rule_dconf_gnome_banner_enabled
@@ -158,7 +158,7 @@
 RHEL-09-271015
 
 [reference]:
-SV-258012r958390_rule
+SV-258012r1014855_rule
 
 [reference]:
 SV-258013r958390_rule

New content has different text for rule 'xccdf_org.ssgproject.content_rule_disallow_bypass_password_sudo'.
--- xccdf_org.ssgproject.content_rule_disallow_bypass_password_sudo
+++ xccdf_org.ssgproject.content_rule_disallow_bypass_password_sudo
@@ -27,7 +27,7 @@
 RHEL-09-611145
 
 [reference]:
-SV-258118r997103_rule
+SV-258118r1015117_rule
 
 [rationale]:
 Without re-authentication, users may access resources or perform tasks for which they do not

New content has different text for rule 'xccdf_org.ssgproject.content_rule_account_password_pam_faillock_password_auth'.
--- xccdf_org.ssgproject.content_rule_account_password_pam_faillock_password_auth
+++ xccdf_org.ssgproject.content_rule_account_password_pam_faillock_password_auth
@@ -21,7 +21,7 @@
 RHEL-09-611035
 
 [reference]:
-SV-258096r958388_rule
+SV-258096r1014883_rule
 
 [rationale]:
 If the pam_faillock.so module is not loaded the system will not correctly lockout accounts to prevent

New content has different text for rule 'xccdf_org.ssgproject.content_rule_account_password_pam_faillock_system_auth'.
--- xccdf_org.ssgproject.content_rule_account_password_pam_faillock_system_auth
+++ xccdf_org.ssgproject.content_rule_account_password_pam_faillock_system_auth
@@ -21,7 +21,7 @@
 RHEL-09-611030
 
 [reference]:
-SV-258095r958388_rule
+SV-258095r1014881_rule
 
 [rationale]:
 If the pam_faillock.so module is not loaded the system will not correctly lockout accounts to prevent

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_dcredit'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_dcredit
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_dcredit
@@ -232,7 +232,7 @@
 RHEL-09-611070
 
 [reference]:
-SV-258103r997089_rule
+SV-258103r1015103_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_difok'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_difok
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_difok
@@ -183,7 +183,7 @@
 RHEL-09-611115
 
 [reference]:
-SV-258112r997097_rule
+SV-258112r1015111_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_enforce_root'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_enforce_root
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_enforce_root
@@ -51,7 +51,7 @@
 RHEL-09-611060
 
 [reference]:
-SV-258101r997087_rule
+SV-258101r1015101_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required to compromise

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_lcredit'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_lcredit
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_lcredit
@@ -232,7 +232,7 @@
 RHEL-09-611065
 
 [reference]:
-SV-258102r997088_rule
+SV-258102r1015102_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_maxclassrepeat'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_maxclassrepeat
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_maxclassrepeat
@@ -178,7 +178,7 @@
 RHEL-09-611120
 
 [reference]:
-SV-258113r997098_rule
+SV-258113r1015112_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required to compromise the password.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_maxrepeat'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_maxrepeat
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_maxrepeat
@@ -175,7 +175,7 @@
 RHEL-09-611125
 
 [reference]:
-SV-258114r997099_rule
+SV-258114r1015113_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required to compromise the password.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass
@@ -237,7 +237,7 @@
 RHEL-09-611130
 
 [reference]:
-SV-258115r997100_rule
+SV-258115r1015114_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required to compromise the password.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_minlen'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_minlen
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_minlen
@@ -243,7 +243,7 @@
 RHEL-09-611090
 
 [reference]:
-SV-258107r997093_rule
+SV-258107r1015107_rule
 
 [rationale]:
 The shorter the password, the lower the number of possible combinations

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_ocredit'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_ocredit
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_ocredit
@@ -225,7 +225,7 @@
 RHEL-09-611100
 
 [reference]:
-SV-258109r997095_rule
+SV-258109r1015109_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_password_auth'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_password_auth
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_password_auth
@@ -24,7 +24,7 @@
 RHEL-09-611040
 
 [reference]:
-SV-258097r997084_rule
+SV-258097r1015098_rule
 
 [rationale]:
 Enabling PAM password complexity permits to enforce strong passwords and consequently

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_system_auth'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_system_auth
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_pwquality_system_auth
@@ -18,7 +18,7 @@
 RHEL-09-611045
 
 [reference]:
-SV-258098r991589_rule
+SV-258098r1014887_rule
 
 [rationale]:
 Enabling PAM password complexity permits to enforce strong passwords and consequently

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_retry'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_retry
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_retry
@@ -238,7 +238,7 @@
 RHEL-09-611010
 
 [reference]:
-SV-258091r997083_rule
+SV-258091r1015097_rule
 
 [rationale]:
 Setting the password retry prompts that are permitted on a per-session basis to a low value

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_ucredit'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_ucredit
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_ucredit
@@ -229,7 +229,7 @@
 RHEL-09-611110
 
 [reference]:
-SV-258111r997096_rule
+SV-258111r1015110_rule
 
 [rationale]:
 Use of a complex password helps to increase the time and resources required to compromise the password.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_libuserconf'.
--- xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_libuserconf
+++ xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_libuserconf
@@ -198,7 +198,7 @@
 RHEL-09-611135
 
 [reference]:
-SV-258116r997101_rule
+SV-258116r1015115_rule
 
 [rationale]:
 Passwords need to be protected at all times, and encryption is the standard method for

New content has different text for rule 'xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_logindefs'.
--- xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_logindefs
+++ xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_logindefs
@@ -200,7 +200,7 @@
 RHEL-09-611140
 
 [reference]:
-SV-258117r997102_rule
+SV-258117r1015116_rule
 
 [rationale]:
 Passwords need to be protected at all times, and encryption is the standard method for

New content has different text for rule 'xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_passwordauth'.
--- xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_passwordauth
+++ xccdf_org.ssgproject.content_rule_set_password_hashing_algorithm_passwordauth
@@ -218,7 +218,7 @@
 RHEL-09-671025
 
 [reference]:
-SV-258233r997115_rule
+SV-258233r1015136_rule
 
 [rationale]:
 Passwords need to be protected at all times, and encryption is the standard method for

New content has different text for rule 'xccdf_org.ssgproject.content_rule_set_password_hashing_min_rounds_logindefs'.
--- xccdf_org.ssgproject.content_rule_set_password_hashing_min_rounds_logindefs
+++ xccdf_org.ssgproject.content_rule_set_password_hashing_min_rounds_logindefs
@@ -26,9 +26,6 @@
 [reference]:
 RHEL-09-611150
 
-[reference]:
-SV-258119r997104_rule
-
 [rationale]:
 Passwords need to be protected at all times, and encryption is the standard
 method for protecting passwords. If passwords are not encrypted, they can

New content has different text for rule 'xccdf_org.ssgproject.content_rule_logind_session_timeout'.
--- xccdf_org.ssgproject.content_rule_logind_session_timeout
+++ xccdf_org.ssgproject.content_rule_logind_session_timeout
@@ -308,7 +308,7 @@
 RHEL-09-412080
 
 [reference]:
-SV-258077r970703_rule
+SV-258077r1014874_rule
 
 [rationale]:
 Terminating an idle session within a short time period reduces the window of

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_tmux_installed'.
--- xccdf_org.ssgproject.content_rule_package_tmux_installed
+++ xccdf_org.ssgproject.content_rule_package_tmux_installed
@@ -135,9 +135,6 @@
 [reference]:
 RHEL-09-412010
 
-[reference]:
-SV-258063r997079_rule
-
 [rationale]:
 A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate
 physical vicinity of the information system but does not logout because of the temporary nature of the absence.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_bashrc_tmux'.
--- xccdf_org.ssgproject.content_rule_configure_bashrc_tmux
+++ xccdf_org.ssgproject.content_rule_configure_bashrc_tmux
@@ -29,9 +29,6 @@
 [reference]:
 RHEL-09-412015
 
-[reference]:
-SV-258064r958404_rule
-
 [rationale]:
 Unlike bash itself, the tmux terminal multiplexer
 provides a mechanism to lock sessions after period of inactivity.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time'.
--- xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time
+++ xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time
@@ -32,9 +32,6 @@
 [reference]:
 RHEL-09-412025
 
-[reference]:
-SV-258066r958402_rule
-
 [rationale]:
 Locking the session after a period of inactivity limits the
 potential exposure if the session is left unattended.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_tmux_lock_command'.
--- xccdf_org.ssgproject.content_rule_configure_tmux_lock_command
+++ xccdf_org.ssgproject.content_rule_configure_tmux_lock_command
@@ -41,9 +41,6 @@
 [reference]:
 RHEL-09-412020
 
-[reference]:
-SV-258065r958400_rule
-
 [rationale]:
 The tmux package allows for a session lock to be implemented and configured.
 However, the session lock is implemented by an external command. The tmux

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding'.
--- xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding
+++ xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding
@@ -22,9 +22,6 @@
 [reference]:
 RHEL-09-412020
 
-[reference]:
-SV-258065r958400_rule
-
 [rationale]:
 The tmux package allows for a session lock to be implemented and configured.
 However, the session lock is implemented by an external command. The tmux

New content has different text for rule 'xccdf_org.ssgproject.content_rule_no_tmux_in_shells'.
--- xccdf_org.ssgproject.content_rule_no_tmux_in_shells
+++ xccdf_org.ssgproject.content_rule_no_tmux_in_shells
@@ -37,9 +37,6 @@
 [reference]:
 RHEL-09-412030
 
-[reference]:
-SV-258067r958726_rule
-
 [rationale]:
 Not listing tmux among permitted shells
 prevents malicious program running as user

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_opensc_installed'.
--- xccdf_org.ssgproject.content_rule_package_opensc_installed
+++ xccdf_org.ssgproject.content_rule_package_opensc_installed
@@ -35,7 +35,7 @@
 RHEL-09-611185
 
 [reference]:
-SV-258126r997110_rule
+SV-258126r1015124_rule
 
 [rationale]:
 Using an authentication device, such as a CAC or token that is separate from

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_pcsc-lite_installed'.
--- xccdf_org.ssgproject.content_rule_package_pcsc-lite_installed
+++ xccdf_org.ssgproject.content_rule_package_pcsc-lite_installed
@@ -29,7 +29,7 @@
 RHEL-09-611175
 
 [reference]:
-SV-258124r997108_rule
+SV-258124r1015122_rule
 
 [rationale]:
 The pcsc-lite package must be installed if it is to be available for

New content has different text for rule 'xccdf_org.ssgproject.content_rule_install_smartcard_packages'.
--- xccdf_org.ssgproject.content_rule_install_smartcard_packages
+++ xccdf_org.ssgproject.content_rule_install_smartcard_packages
@@ -44,7 +44,7 @@
 RHEL-09-215075
 
 [reference]:
-SV-257838r997057_rule
+SV-257838r1015080_rule
 
 [rationale]:
 Using an authentication device, such as a CAC or token that is separate from

New content has different text for rule 'xccdf_org.ssgproject.content_rule_service_pcscd_enabled'.
--- xccdf_org.ssgproject.content_rule_service_pcscd_enabled
+++ xccdf_org.ssgproject.content_rule_service_pcscd_enabled
@@ -52,7 +52,7 @@
 RHEL-09-611180
 
 [reference]:
-SV-258125r997109_rule
+SV-258125r1015123_rule
 
 [rationale]:
 Using an authentication device, such as a CAC or token that is separate from

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_opensc_card_drivers'.
--- xccdf_org.ssgproject.content_rule_configure_opensc_card_drivers
+++ xccdf_org.ssgproject.content_rule_configure_opensc_card_drivers
@@ -237,7 +237,7 @@
 RHEL-09-611160
 
 [reference]:
-SV-258121r997105_rule
+SV-258121r1015119_rule
 
 [rationale]:
 Smart card login provides two-factor authentication stronger than

New content has different text for rule 'xccdf_org.ssgproject.content_rule_account_disable_post_pw_expiration'.
--- xccdf_org.ssgproject.content_rule_account_disable_post_pw_expiration
+++ xccdf_org.ssgproject.content_rule_account_disable_post_pw_expiration
@@ -284,7 +284,7 @@
 RHEL-09-411050
 
 [reference]:
-SV-258049r997078_rule
+SV-258049r1015092_rule
 
 [rationale]:
 Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potentially obtain undetected access to the system.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_maximum_age_login_defs'.
--- xccdf_org.ssgproject.content_rule_accounts_maximum_age_login_defs
+++ xccdf_org.ssgproject.content_rule_accounts_maximum_age_login_defs
@@ -205,7 +205,7 @@
 RHEL-09-411010
 
 [reference]:
-SV-258041r997076_rule
+SV-258041r1015090_rule
 
 [rationale]:
 Any password, no matter how complex, can eventually be cracked. Therefore, passwords

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_minimum_age_login_defs'.
--- xccdf_org.ssgproject.content_rule_accounts_minimum_age_login_defs
+++ xccdf_org.ssgproject.content_rule_accounts_minimum_age_login_defs
@@ -196,7 +196,7 @@
 RHEL-09-611075
 
 [reference]:
-SV-258104r997090_rule
+SV-258104r1015104_rule
 
 [rationale]:
 Enforcing a minimum password lifetime helps to prevent repeated password

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_minlen_login_defs'.
--- xccdf_org.ssgproject.content_rule_accounts_password_minlen_login_defs
+++ xccdf_org.ssgproject.content_rule_accounts_password_minlen_login_defs
@@ -231,9 +231,6 @@
 [reference]:
 RHEL-09-611095
 
-[reference]:
-SV-258108r997094_rule
-
 [rationale]:
 Requiring a minimum password length makes password
 cracking attacks more difficult by ensuring a larger

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_set_max_life_existing'.
--- xccdf_org.ssgproject.content_rule_accounts_password_set_max_life_existing
+++ xccdf_org.ssgproject.content_rule_accounts_password_set_max_life_existing
@@ -39,7 +39,7 @@
 RHEL-09-411015
 
 [reference]:
-SV-258042r997077_rule
+SV-258042r1015091_rule
 
 [rationale]:
 Any password, no matter how complex, can eventually be cracked. Therefore,

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_set_min_life_existing'.
--- xccdf_org.ssgproject.content_rule_accounts_password_set_min_life_existing
+++ xccdf_org.ssgproject.content_rule_accounts_password_set_min_life_existing
@@ -32,7 +32,7 @@
 RHEL-09-611080
 
 [reference]:
-SV-258105r997091_rule
+SV-258105r1015105_rule
 
 [rationale]:
 Enforcing a minimum password lifetime helps to prevent repeated password

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_all_shadowed_sha512'.
--- xccdf_org.ssgproject.content_rule_accounts_password_all_shadowed_sha512
+++ xccdf_org.ssgproject.content_rule_accounts_password_all_shadowed_sha512
@@ -43,7 +43,7 @@
 RHEL-09-671015
 
 [reference]:
-SV-258231r997114_rule
+SV-258231r1015135_rule
 
 [rationale]:
 Passwords need to be protected at all times, and encryption is the standard method for

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_password_auth'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_password_auth
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_password_auth
@@ -36,7 +36,7 @@
 RHEL-09-611050
 
 [reference]:
-SV-258099r997085_rule
+SV-258099r1015099_rule
 
 [rationale]:
 Using a higher number of rounds makes password cracking attacks more difficult.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_system_auth'.
--- xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_system_auth
+++ xccdf_org.ssgproject.content_rule_accounts_password_pam_unix_rounds_system_auth
@@ -34,7 +34,7 @@
 RHEL-09-611055
 
 [reference]:
-SV-258100r997086_rule
+SV-258100r1015100_rule
 
 [rationale]:
 Using a higher number of rounds makes password cracking attacks more difficult.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_no_empty_passwords'.
--- xccdf_org.ssgproject.content_rule_no_empty_passwords
+++ xccdf_org.ssgproject.content_rule_no_empty_passwords
@@ -337,7 +337,7 @@
 RHEL-09-611025
 
 [reference]:
-SV-258094r991589_rule
+SV-258094r1014878_rule
 
 [rationale]:
 If an account has an empty password, anyone could log in and

New content has different text for rule 'xccdf_org.ssgproject.content_rule_use_pam_wheel_for_su'.
--- xccdf_org.ssgproject.content_rule_use_pam_wheel_for_su
+++ xccdf_org.ssgproject.content_rule_use_pam_wheel_for_su
@@ -35,7 +35,7 @@
 RHEL-09-432035
 
 [reference]:
-SV-258088r997082_rule
+SV-258088r1015096_rule
 
 [rationale]:
 The su program allows to run commands with a substitute user and

New content has different text for rule 'xccdf_org.ssgproject.content_rule_accounts_tmout'.
--- xccdf_org.ssgproject.content_rule_accounts_tmout
+++ xccdf_org.ssgproject.content_rule_accounts_tmout
@@ -171,7 +171,7 @@
 RHEL-09-412035
 
 [reference]:
-SV-258068r970703_rule
+SV-258068r1014872_rule
 
 [rationale]:
 Terminating an idle session within a short time period reduces

New content has different text for rule 'xccdf_org.ssgproject.content_rule_grub2_admin_username'.
--- xccdf_org.ssgproject.content_rule_grub2_admin_username
+++ xccdf_org.ssgproject.content_rule_grub2_admin_username
@@ -317,7 +317,7 @@
 RHEL-09-212020
 
 [reference]:
-SV-257789r958472_rule
+SV-257789r1014822_rule
 
 [rationale]:
 Having a non-default grub superuser username makes password-guessing attacks less effective.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_rsyslog_nolisten'.
--- xccdf_org.ssgproject.content_rule_rsyslog_nolisten
+++ xccdf_org.ssgproject.content_rule_rsyslog_nolisten
@@ -344,7 +344,7 @@
 RHEL-09-652025
 
 [reference]:
-SV-258143r991589_rule
+SV-258143r1014907_rule
 
 [rationale]:
 Any process which receives messages from the network incurs some risk of receiving malicious

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_firewalld_ports'.
--- xccdf_org.ssgproject.content_rule_configure_firewalld_ports
+++ xccdf_org.ssgproject.content_rule_configure_firewalld_ports
@@ -311,9 +311,6 @@
 [reference]:
 RHEL-09-251025
 
-[reference]:
-SV-257938r958480_rule
-
 [rationale]:
 In order to prevent unauthorized connection of devices, unauthorized transfer of information,
 or unauthorized tunneling (i.e., embedding of data types within data types), organizations must

New content has different text for rule 'xccdf_org.ssgproject.content_rule_networkmanager_dns_mode'.
--- xccdf_org.ssgproject.content_rule_networkmanager_dns_mode
+++ xccdf_org.ssgproject.content_rule_networkmanager_dns_mode
@@ -18,7 +18,7 @@
 RHEL-09-252040
 
 [reference]:
-SV-257949r991589_rule
+SV-257949r1014841_rule
 
 [rationale]:
 To ensure that DNS resolver settings are respected, a DNS mode in NetworkManager must be configured.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_service_autofs_disabled'.
--- xccdf_org.ssgproject.content_rule_service_autofs_disabled
+++ xccdf_org.ssgproject.content_rule_service_autofs_disabled
@@ -254,7 +254,7 @@
 RHEL-09-231040
 
 [reference]:
-SV-257849r958498_rule
+SV-257849r1014829_rule
 
 [rationale]:
 Disabling the automounter permits the administrator to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_mount_option_boot_nodev'.
--- xccdf_org.ssgproject.content_rule_mount_option_boot_nodev
+++ xccdf_org.ssgproject.content_rule_mount_option_boot_nodev
@@ -76,7 +76,7 @@
 RHEL-09-231095
 
 [reference]:
-SV-257860r958804_rule
+SV-257860r1014832_rule
 
 [rationale]:
 The only legitimate location for device files is the /dev directory

New content has different text for rule 'xccdf_org.ssgproject.content_rule_mount_option_boot_nosuid'.
--- xccdf_org.ssgproject.content_rule_mount_option_boot_nosuid
+++ xccdf_org.ssgproject.content_rule_mount_option_boot_nosuid
@@ -83,7 +83,7 @@
 RHEL-09-231100
 
 [reference]:
-SV-257861r958804_rule
+SV-257861r1014834_rule
 
 [rationale]:
 The presence of SUID and SGID executables should be tightly controlled. Users

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled'.
--- xccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled
+++ xccdf_org.ssgproject.content_rule_sysctl_kernel_kexec_load_disabled
@@ -25,7 +25,7 @@
 RHEL-09-213020
 
 [reference]:
-SV-257799r997051_rule
+SV-257799r1015074_rule
 
 [rationale]:
 Disabling kexec_load allows greater control of the kernel memory.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sysctl_user_max_user_namespaces'.
--- xccdf_org.ssgproject.content_rule_sysctl_user_max_user_namespaces
+++ xccdf_org.ssgproject.content_rule_sysctl_user_max_user_namespaces
@@ -37,7 +37,7 @@
 RHEL-09-213105
 
 [reference]:
-SV-257816r991589_rule
+SV-257816r1014825_rule
 
 [rationale]:
 It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or system objectives.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_selinux_all_devicefiles_labeled'.
--- xccdf_org.ssgproject.content_rule_selinux_all_devicefiles_labeled
+++ xccdf_org.ssgproject.content_rule_selinux_all_devicefiles_labeled
@@ -452,7 +452,7 @@
 RHEL-09-232260
 
 [reference]:
-SV-257932r991589_rule
+SV-257932r1014838_rule
 
 [rationale]:
 If a device file carries the SELinux type device_t or

New content has different text for rule 'xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay'.
--- xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay
+++ xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay
@@ -17,7 +17,7 @@
 RHEL-09-252050
 
 [reference]:
-SV-257951r991589_rule
+SV-257951r1014843_rule
 
 [rationale]:
 If unrestricted mail relaying is permitted, unauthorized senders could use this

Platform has been changed for rule 'xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay'
--- xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay
+++ xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay
@@ -1 +1 @@
-
+oval:ssg-package_postfix:def:1

New content has different text for rule 'xccdf_org.ssgproject.content_rule_mount_option_krb_sec_remote_filesystems'.
--- xccdf_org.ssgproject.content_rule_mount_option_krb_sec_remote_filesystems
+++ xccdf_org.ssgproject.content_rule_mount_option_krb_sec_remote_filesystems
@@ -165,9 +165,6 @@
 [reference]:
 RHEL-09-231060
 
-[reference]:
-SV-257853r991589_rule
-
 [rationale]:
 When an NFS server is configured to use AUTH_SYS a selected userid and groupid are used to handle
 requests from the remote user. The userid and groupid could mistakenly or maliciously be set

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_chrony_installed'.
--- xccdf_org.ssgproject.content_rule_package_chrony_installed
+++ xccdf_org.ssgproject.content_rule_package_chrony_installed
@@ -47,7 +47,7 @@
 RHEL-09-252010
 
 [reference]:
-SV-257943r997065_rule
+SV-257943r1015081_rule
 
 [rationale]:
 Time synchronization is important to support time sensitive security mechanisms like

New content has different text for rule 'xccdf_org.ssgproject.content_rule_service_chronyd_enabled'.
--- xccdf_org.ssgproject.content_rule_service_chronyd_enabled
+++ xccdf_org.ssgproject.content_rule_service_chronyd_enabled
@@ -29,7 +29,7 @@
 RHEL-09-252015
 
 [reference]:
-SV-257944r997066_rule
+SV-257944r1015082_rule
 
 [rationale]:
 If chrony is in use on the system proper configuration is vital to ensuring time

New content has different text for rule 'xccdf_org.ssgproject.content_rule_chronyd_specify_remote_server'.
--- xccdf_org.ssgproject.content_rule_chronyd_specify_remote_server
+++ xccdf_org.ssgproject.content_rule_chronyd_specify_remote_server
@@ -59,7 +59,7 @@
 RHEL-09-252020
 
 [reference]:
-SV-257945r997067_rule
+SV-257945r1015083_rule
 
 [rationale]:
 If chrony is in use on the system proper configuration is vital to ensuring time

New content has different text for rule 'xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_set_maxpoll'.
--- xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_set_maxpoll
+++ xccdf_org.ssgproject.content_rule_chronyd_or_ntpd_set_maxpoll
@@ -131,7 +131,7 @@
 RHEL-09-252020
 
 [reference]:
-SV-257945r997067_rule
+SV-257945r1015083_rule
 
 [rationale]:
 Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_chronyd_server_directive'.
--- xccdf_org.ssgproject.content_rule_chronyd_server_directive
+++ xccdf_org.ssgproject.content_rule_chronyd_server_directive
@@ -30,7 +30,7 @@
 RHEL-09-252020
 
 [reference]:
-SV-257945r997067_rule
+SV-257945r1015083_rule
 
 [rationale]:
 Depending on the infrastructure being used the pool directive may not be supported.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_tftpd_uses_secure_mode'.
--- xccdf_org.ssgproject.content_rule_tftpd_uses_secure_mode
+++ xccdf_org.ssgproject.content_rule_tftpd_uses_secure_mode
@@ -378,9 +378,6 @@
 [reference]:
 RHEL-09-252055
 
-[reference]:
-SV-257952r991589_rule
-
 [rationale]:
 Using the -s option causes the TFTP service to only serve files from the
 given directory. Serving files from an intentionally-specified directory

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords'.
--- xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords
+++ xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords
@@ -400,7 +400,7 @@
 RHEL-09-255040
 
 [reference]:
-SV-257984r958486_rule
+SV-257984r1014848_rule
 
 [rationale]:
 Configuring this setting for the SSH daemon provides additional assurance

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_root_login'.
--- xccdf_org.ssgproject.content_rule_sshd_disable_root_login
+++ xccdf_org.ssgproject.content_rule_sshd_disable_root_login
@@ -442,7 +442,7 @@
 RHEL-09-255045
 
 [reference]:
-SV-257985r997069_rule
+SV-257985r1015085_rule
 
 [rationale]:
 Even though the communications channel may be encrypted, an additional layer of

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_pubkey_auth'.
--- xccdf_org.ssgproject.content_rule_sshd_enable_pubkey_auth
+++ xccdf_org.ssgproject.content_rule_sshd_enable_pubkey_auth
@@ -37,7 +37,7 @@
 RHEL-09-255035
 
 [reference]:
-SV-257983r997068_rule
+SV-257983r1015084_rule
 
 [rationale]:
 Without the use of multifactor authentication, the ease of access to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sshd_use_priv_separation'.
--- xccdf_org.ssgproject.content_rule_sshd_use_priv_separation
+++ xccdf_org.ssgproject.content_rule_sshd_use_priv_separation
@@ -194,9 +194,6 @@
 [reference]:
 RHEL-09-255170
 
-[reference]:
-SV-258010r991589_rule
-
 [rationale]:
 SSH daemon privilege separation causes the SSH process to drop root privileges
 when not needed which would decrease the impact of software vulnerabilities in

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sssd_certificate_verification'.
--- xccdf_org.ssgproject.content_rule_sssd_certificate_verification
+++ xccdf_org.ssgproject.content_rule_sssd_certificate_verification
@@ -28,7 +28,7 @@
 RHEL-09-611170
 
 [reference]:
-SV-258123r997107_rule
+SV-258123r1015121_rule
 
 [rationale]:
 Ensuring that multifactor solutions certificates are checked via Online Certificate Status Protocol (OCSP)

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sssd_enable_certmap'.
--- xccdf_org.ssgproject.content_rule_sssd_enable_certmap
+++ xccdf_org.ssgproject.content_rule_sssd_enable_certmap
@@ -29,7 +29,7 @@
 RHEL-09-631015
 
 [reference]:
-SV-258132r958452_rule
+SV-258132r1014905_rule
 
 [rationale]:
 Without mapping the certificate used to authenticate to the user account, the ability to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sssd_enable_smartcards'.
--- xccdf_org.ssgproject.content_rule_sssd_enable_smartcards
+++ xccdf_org.ssgproject.content_rule_sssd_enable_smartcards
@@ -92,7 +92,7 @@
 RHEL-09-611165
 
 [reference]:
-SV-258122r997106_rule
+SV-258122r1015120_rule
 
 [rationale]:
 Using an authentication device, such as a CAC or token that is separate from

New content has different text for rule 'xccdf_org.ssgproject.content_rule_sssd_has_trust_anchor'.
--- xccdf_org.ssgproject.content_rule_sssd_has_trust_anchor
+++ xccdf_org.ssgproject.content_rule_sssd_has_trust_anchor
@@ -27,7 +27,7 @@
 RHEL-09-631010
 
 [reference]:
-SV-258131r997113_rule
+SV-258131r1015125_rule
 
 [rationale]:
 Without path validation, an informed trust decision by the relying party cannot be made when

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_usbguard_installed'.
--- xccdf_org.ssgproject.content_rule_package_usbguard_installed
+++ xccdf_org.ssgproject.content_rule_package_usbguard_installed
@@ -35,7 +35,7 @@
 RHEL-09-291015
 
 [reference]:
-SV-258035r997117_rule
+SV-258035r1014859_rule
 
 [rationale]:
 usbguard is a software framework that helps to protect

New content has different text for rule 'xccdf_org.ssgproject.content_rule_service_usbguard_enabled'.
--- xccdf_org.ssgproject.content_rule_service_usbguard_enabled
+++ xccdf_org.ssgproject.content_rule_service_usbguard_enabled
@@ -39,7 +39,7 @@
 RHEL-09-291020
 
 [reference]:
-SV-258036r997118_rule
+SV-258036r1014861_rule
 
 [rationale]:
 The usbguard service must be running in order to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_configure_usbguard_auditbackend'.
--- xccdf_org.ssgproject.content_rule_configure_usbguard_auditbackend
+++ xccdf_org.ssgproject.content_rule_configure_usbguard_auditbackend
@@ -36,7 +36,7 @@
 RHEL-09-291025
 
 [reference]:
-SV-258037r958442_rule
+SV-258037r1014863_rule
 
 [rationale]:
 Using the Linux Audit logging allows for centralized trace

New content has different text for rule 'xccdf_org.ssgproject.content_rule_usbguard_generate_policy'.
--- xccdf_org.ssgproject.content_rule_usbguard_generate_policy
+++ xccdf_org.ssgproject.content_rule_usbguard_generate_policy
@@ -27,7 +27,7 @@
 RHEL-09-291030
 
 [reference]:
-SV-258038r958820_rule
+SV-258038r1017033_rule
 
 [rationale]:
 The usbguard must be configured to allow connected USB devices to work

New content has different text for rule 'xccdf_org.ssgproject.content_rule_package_audit_installed'.
--- xccdf_org.ssgproject.content_rule_package_audit_installed
+++ xccdf_org.ssgproject.content_rule_package_audit_installed
@@ -219,7 +219,7 @@
 RHEL-09-653010
 
 [reference]:
-SV-258151r997050_rule
+SV-258151r1015126_rule
 
 [rationale]:
 The auditd service is an access monitoring and accounting daemon, watching system calls to audit any access, in comparison with potential local access control policy such as SELinux policy.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_service_auditd_enabled'.
--- xccdf_org.ssgproject.content_rule_service_auditd_enabled
+++ xccdf_org.ssgproject.content_rule_service_auditd_enabled
@@ -560,7 +560,7 @@
 RHEL-09-653015
 
 [reference]:
-SV-258152r997058_rule
+SV-258152r1015127_rule
 
 [rationale]:
 Without establishing what type of events occurred, it would be difficult

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_sudoers'.
--- xccdf_org.ssgproject.content_rule_audit_rules_sudoers
+++ xccdf_org.ssgproject.content_rule_audit_rules_sudoers
@@ -105,7 +105,7 @@
 RHEL-09-654215
 
 [reference]:
-SV-258217r997059_rule
+SV-258217r1015128_rule
 
 [rationale]:
 The actions taken by system administrators should be audited to keep a record

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d'.
--- xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d
+++ xccdf_org.ssgproject.content_rule_audit_rules_sudoers_d
@@ -105,7 +105,7 @@
 RHEL-09-654220
 
 [reference]:
-SV-258218r997060_rule
+SV-258218r1015129_rule
 
 [rationale]:
 The actions taken by system administrators should be audited to keep a record

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_suid_privilege_function'.
--- xccdf_org.ssgproject.content_rule_audit_rules_suid_privilege_function
+++ xccdf_org.ssgproject.content_rule_audit_rules_suid_privilege_function
@@ -77,7 +77,7 @@
 RHEL-09-654010
 
 [reference]:
-SV-258176r958730_rule
+SV-258176r1014909_rule
 
 [rationale]:
 Misuse of privileged functions, either intentionally or unintentionally by

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_system_shutdown'.
--- xccdf_org.ssgproject.content_rule_audit_rules_system_shutdown
+++ xccdf_org.ssgproject.content_rule_audit_rules_system_shutdown
@@ -153,7 +153,7 @@
 RHEL-09-654265
 
 [reference]:
-SV-258227r958424_rule
+SV-258227r1014992_rule
 
 [rationale]:
 It is critical for the appropriate personnel to be aware if a system

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_group'.
--- xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_group
+++ xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_group
@@ -607,7 +607,7 @@
 RHEL-09-654225
 
 [reference]:
-SV-258219r997061_rule
+SV-258219r1015130_rule
 
 [rationale]:
 In addition to auditing new user and group accounts, these watches

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_gshadow'.
--- xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_gshadow
+++ xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_gshadow
@@ -607,7 +607,7 @@
 RHEL-09-654230
 
 [reference]:
-SV-258220r997062_rule
+SV-258220r1015131_rule
 
 [rationale]:
 In addition to auditing new user and group accounts, these watches

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_opasswd'.
--- xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_opasswd
+++ xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_opasswd
@@ -613,7 +613,7 @@
 RHEL-09-654235
 
 [reference]:
-SV-258221r997063_rule
+SV-258221r1015132_rule
 
 [rationale]:
 In addition to auditing new user and group accounts, these watches

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_passwd'.
--- xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_passwd
+++ xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_passwd
@@ -622,7 +622,7 @@
 RHEL-09-654240
 
 [reference]:
-SV-258222r997064_rule
+SV-258222r1015133_rule
 
 [rationale]:
 In addition to auditing new user and group accounts, these watches

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_shadow'.
--- xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_shadow
+++ xccdf_org.ssgproject.content_rule_audit_rules_usergroup_modification_shadow
@@ -607,7 +607,7 @@
 RHEL-09-654245
 
 [reference]:
-SV-258223r997075_rule
+SV-258223r1015134_rule
 
 [rationale]:
 In addition to auditing new user and group accounts, these watches

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod
@@ -454,7 +454,7 @@
 RHEL-09-654015
 
 [reference]:
-SV-258177r958412_rule
+SV-258177r1014911_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chown
@@ -457,7 +457,7 @@
 RHEL-09-654020
 
 [reference]:
-SV-258178r958412_rule
+SV-258178r1014913_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmod'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmod
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmod
@@ -454,7 +454,7 @@
 RHEL-09-654015
 
 [reference]:
-SV-258177r958412_rule
+SV-258177r1014911_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmodat'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmodat
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchmodat
@@ -454,7 +454,7 @@
 RHEL-09-654015
 
 [reference]:
-SV-258177r958412_rule
+SV-258177r1014911_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchown'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchown
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchown
@@ -460,7 +460,7 @@
 RHEL-09-654020
 
 [reference]:
-SV-258178r958412_rule
+SV-258178r1014913_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchownat'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchownat
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fchownat
@@ -457,7 +457,7 @@
 RHEL-09-654020
 
 [reference]:
-SV-258178r958412_rule
+SV-258178r1014913_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fremovexattr'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fremovexattr
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fremovexattr
@@ -485,7 +485,7 @@
 RHEL-09-654025
 
 [reference]:
-SV-258179r958412_rule
+SV-258179r1014915_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fsetxattr'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fsetxattr
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_fsetxattr
@@ -479,7 +479,7 @@
 RHEL-09-654025
 
 [reference]:
-SV-258179r958412_rule
+SV-258179r1014915_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lchown'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lchown
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lchown
@@ -457,7 +457,7 @@
 RHEL-09-654020
 
 [reference]:
-SV-258178r958412_rule
+SV-258178r1014913_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lremovexattr'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lremovexattr
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lremovexattr
@@ -491,7 +491,7 @@
 RHEL-09-654025
 
 [reference]:
-SV-258179r958412_rule
+SV-258179r1014915_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lsetxattr'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lsetxattr
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_lsetxattr
@@ -479,7 +479,7 @@
 RHEL-09-654025
 
 [reference]:
-SV-258179r958412_rule
+SV-258179r1014915_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_removexattr'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_removexattr
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_removexattr
@@ -490,7 +490,7 @@
 RHEL-09-654025
 
 [reference]:
-SV-258179r958412_rule
+SV-258179r1014915_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_setxattr'.
--- xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_setxattr
+++ xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_setxattr
@@ -455,7 +455,7 @@
 RHEL-09-654025
 
 [reference]:
-SV-258179r958412_rule
+SV-258179r1014915_rule
 
 [rationale]:
 The changing of file permissions could indicate that a user is attempting to

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_execution_chacl'.
--- xccdf_org.ssgproject.content_rule_audit_rules_execution_chacl
+++ xccdf_org.ssgproject.content_rule_audit_rules_execution_chacl
@@ -63,7 +63,7 @@
 RHEL-09-654035
 
 [reference]:
-SV-258181r958412_rule
+SV-258181r1014918_rule
 
 [rationale]:
 Without generating audit records that are specific to the security and

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_execution_setfacl'.
--- xccdf_org.ssgproject.content_rule_audit_rules_execution_setfacl
+++ xccdf_org.ssgproject.content_rule_audit_rules_execution_setfacl
@@ -57,7 +57,7 @@
 RHEL-09-654040
 
 [reference]:
-SV-258182r958412_rule
+SV-258182r1014920_rule
 
 [rationale]:
 Without generating audit records that are specific to the security and

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_execution_chcon'.
--- xccdf_org.ssgproject.content_rule_audit_rules_execution_chcon
+++ xccdf_org.ssgproject.content_rule_audit_rules_execution_chcon
@@ -291,7 +291,7 @@
 RHEL-09-654045
 
 [reference]:
-SV-258183r958412_rule
+SV-258183r1014922_rule
 
 [rationale]:
 Misuse of privileged functions, either intentionally or unintentionally by

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_execution_semanage'.
--- xccdf_org.ssgproject.content_rule_audit_rules_execution_semanage
+++ xccdf_org.ssgproject.content_rule_audit_rules_execution_semanage
@@ -306,7 +306,7 @@
 RHEL-09-654050
 
 [reference]:
-SV-258184r958412_rule
+SV-258184r1014924_rule
 
 [rationale]:
 Misuse of privileged functions, either intentionally or unintentionally by

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles'.
--- xccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles
+++ xccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles
@@ -81,7 +81,7 @@
 RHEL-09-654055
 
 [reference]:
-SV-258185r958412_rule
+SV-258185r1014926_rule
 
 [rationale]:
 Misuse of privileged functions, either intentionally or unintentionally by

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool'.
--- xccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool
+++ xccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool
@@ -279,7 +279,7 @@
 RHEL-09-654060
 
 [reference]:
-SV-258186r958412_rule
+SV-258186r1014928_rule
 
 [rationale]:
 Misuse of privileged functions, either intentionally or unintentionally by

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rename'.
--- xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rename
+++ xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rename
@@ -449,7 +449,7 @@
 RHEL-09-654065
 
 [reference]:
-SV-258187r958412_rule
+SV-258187r1014930_rule
 
 [rationale]:
 Auditing file deletions will create an audit trail for files that are removed

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_renameat'.
--- xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_renameat
+++ xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_renameat
@@ -449,7 +449,7 @@
 RHEL-09-654065
 
 [reference]:
-SV-258187r958412_rule
+SV-258187r1014930_rule
 
 [rationale]:
 Auditing file deletions will create an audit trail for files that are removed

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rmdir'.
--- xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rmdir
+++ xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_rmdir
@@ -446,7 +446,7 @@
 RHEL-09-654065
 
 [reference]:
-SV-258187r958412_rule
+SV-258187r1014930_rule
 
 [rationale]:
 Auditing file deletions will create an audit trail for files that are removed

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlink'.
--- xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlink
+++ xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlink
@@ -449,7 +449,7 @@
 RHEL-09-654065
 
 [reference]:
-SV-258187r958412_rule
+SV-258187r1014930_rule
 
 [rationale]:
 Auditing file deletions will create an audit trail for files that are removed

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlinkat'.
--- xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlinkat
+++ xccdf_org.ssgproject.content_rule_audit_rules_file_deletion_events_unlinkat
@@ -449,7 +449,7 @@
 RHEL-09-654065
 
 [reference]:
-SV-258187r958412_rule
+SV-258187r1014930_rule
 
 [rationale]:
 Auditing file deletions will create an audit trail for files that are removed

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_creat'.
--- xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_creat
+++ xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_creat
@@ -433,7 +433,7 @@
 RHEL-09-654070
 
 [reference]:
-SV-258188r958412_rule
+SV-258188r1014932_rule
 
 [rationale]:
 Unsuccessful attempts to access files could be an indicator of malicious activity on a system. Auditing

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_ftruncate'.
--- xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_ftruncate
+++ xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_ftruncate
@@ -436,7 +436,7 @@
 RHEL-09-654070
 
 [reference]:
-SV-258188r958412_rule
+SV-258188r1014932_rule
 
 [rationale]:
 Unsuccessful attempts to access files could be an indicator of malicious activity on a system. Auditing

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open'.
--- xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open
+++ xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open
@@ -436,7 +436,7 @@
 RHEL-09-654070
 
 [reference]:
-SV-258188r958412_rule
+SV-258188r1014932_rule
 
 [rationale]:
 Unsuccessful attempts to access files could be an indicator of malicious activity on a system. Auditing

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at'.
--- xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at
+++ xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_open_by_handle_at
@@ -424,7 +424,7 @@
 RHEL-09-654070
 
 [reference]:
-SV-258188r958412_rule
+SV-258188r1014932_rule
 
 [rationale]:
 Unsuccessful attempts to access files could be an indicator of malicious activity on a system. Auditing

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat'.
--- xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat
+++ xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_openat
@@ -436,7 +436,7 @@
 RHEL-09-654070
 
 [reference]:
-SV-258188r958412_rule
+SV-258188r1014932_rule
 
 [rationale]:
 Unsuccessful attempts to access files could be an indicator of malicious activity on a system. Auditing

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_truncate'.
--- xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_truncate
+++ xccdf_org.ssgproject.content_rule_audit_rules_unsuccessful_file_modification_truncate
@@ -436,7 +436,7 @@
 RHEL-09-654070
 
 [reference]:
-SV-258188r958412_rule
+SV-258188r1014932_rule
 
 [rationale]:
 Unsuccessful attempts to access files could be an indicator of malicious activity on a system. Auditing

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_delete'.
--- xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_delete
+++ xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_delete
@@ -416,7 +416,7 @@
 RHEL-09-654075
 
 [reference]:
-SV-258189r958412_rule
+SV-258189r1014934_rule
 
 [rationale]:
 The removal of kernel modules can be used to alter the behavior of

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_finit'.
--- xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_finit
+++ xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_finit
@@ -416,7 +416,7 @@
 RHEL-09-654080
 
 [reference]:
-SV-258190r958412_rule
+SV-258190r1014936_rule
 
 [rationale]:
 The addition/removal of kernel modules can be used to alter the behavior of

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_init'.
--- xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_init
+++ xccdf_org.ssgproject.content_rule_audit_rules_kernel_module_loading_init
@@ -416,7 +416,7 @@
 RHEL-09-654080
 
 [reference]:
-SV-258190r958412_rule
+SV-258190r1014936_rule
 
 [rationale]:
 The addition of kernel modules can be used to alter the behavior of

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_login_events_faillock'.
--- xccdf_org.ssgproject.content_rule_audit_rules_login_events_faillock
+++ xccdf_org.ssgproject.content_rule_audit_rules_login_events_faillock
@@ -404,7 +404,7 @@
 RHEL-09-654250
 
 [reference]:
-SV-258224r958846_rule
+SV-258224r1014988_rule
 
 [rationale]:
 Manual editing of these files may indicate nefarious activity, such

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_login_events_lastlog'.
--- xccdf_org.ssgproject.content_rule_audit_rules_login_events_lastlog
+++ xccdf_org.ssgproject.content_rule_audit_rules_login_events_lastlog
@@ -431,7 +431,7 @@
 RHEL-09-654255
 
 [reference]:
-SV-258225r958412_rule
+SV-258225r1014990_rule
 
 [rationale]:
 Manual editing of these files may indicate nefarious activity, such

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_privileged_commands_init'.
--- xccdf_org.ssgproject.content_rule_audit_privileged_commands_init
+++ xccdf_org.ssgproject.content_rule_audit_privileged_commands_init
@@ -27,7 +27,7 @@
 RHEL-09-654185
 
 [reference]:
-SV-258211r991586_rule
+SV-258211r1014976_rule
 
 [rationale]:
 Misuse of the init command may cause availability issues for the system.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_privileged_commands_poweroff'.
--- xccdf_org.ssgproject.content_rule_audit_privileged_commands_poweroff
+++ xccdf_org.ssgproject.content_rule_audit_privileged_commands_poweroff
@@ -27,7 +27,7 @@
 RHEL-09-654190
 
 [reference]:
-SV-258212r991586_rule
+SV-258212r1014978_rule
 
 [rationale]:
 Misuse of the poweroff command may cause availability issues for the system.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_privileged_commands_reboot'.
--- xccdf_org.ssgproject.content_rule_audit_privileged_commands_reboot
+++ xccdf_org.ssgproject.content_rule_audit_privileged_commands_reboot
@@ -27,7 +27,7 @@
 RHEL-09-654195
 
 [reference]:
-SV-258213r991586_rule
+SV-258213r1014980_rule
 
 [rationale]:
 Misuse of the reboot command may cause availability issues for the system.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_privileged_commands_shutdown'.
--- xccdf_org.ssgproject.content_rule_audit_privileged_commands_shutdown
+++ xccdf_org.ssgproject.content_rule_audit_privileged_commands_shutdown
@@ -27,7 +27,7 @@
 RHEL-09-654200
 
 [reference]:
-SV-258214r991586_rule
+SV-258214r1017037_rule
 
 [rationale]:
 Misuse of the shutdown command may cause availability issues for the system.

New content has different text for rule 'xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chage'.
--- xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chage
+++ xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chage
@@ -303,7 +303,7 @@
 RHEL-09-6

... The diff is trimmed here ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
New Rule Issues or pull requests related to new Rules. RHEL9 Red Hat Enterprise Linux 9 product related. STIG STIG Benchmark related. Update Profile Issues or pull requests related to Profiles updates.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Update RHEL9 DISA STIG to V2R2
1 participant