change control files to add the new rule

ComplianceAsCode · Jan 16, 2025 · 830dc2c · 830dc2c
1 parent b36d3e5
commit 830dc2c
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 1 deletion.
diff --git a/controls/anssi.yml b/controls/anssi.yml
@@ -1517,7 +1517,11 @@ controls:
     - audit_rules_time_stime
     - audit_rules_time_watch_localtime
 
+    {{% if product == "rhel10" %}}
+    - audit_rules_mac_modification_etc_selinux
+    {{% else %}}
     - audit_rules_mac_modification
+    {{% endif %}}
 
     - audit_rules_networkconfig_modification
 

diff --git a/controls/cis_rhel10.yml b/controls/cis_rhel10.yml
@@ -2650,7 +2650,7 @@ controls:
       - l2_workstation
     status: automated
     rules:
-      - audit_rules_mac_modification
+      - audit_rules_mac_modification_etc_selinux
       - audit_rules_mac_modification_usr_share
 
   - id: 6.3.3.15

diff --git a/controls/hipaa.yml b/controls/hipaa.yml
@@ -117,7 +117,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification
@@ -277,7 +281,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification
@@ -469,7 +477,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification
@@ -1199,7 +1211,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification
@@ -1335,7 +1351,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification
@@ -1498,7 +1518,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification
@@ -1592,7 +1616,11 @@ controls:
             - audit_rules_privileged_commands_unix_chkpwd
             - audit_rules_privileged_commands_userhelper
             - audit_rules_immutable
+            {{% if product == "rhel10" %}}
+            - audit_rules_mac_modification_etc_selinux
+            {{% else %}}
             - audit_rules_mac_modification
+            {{% endif %}}
             - audit_rules_mac_modification_usr_share
             - audit_rules_media_export
             - audit_rules_networkconfig_modification

diff --git a/controls/pcidss_4.yml b/controls/pcidss_4.yml
@@ -2859,7 +2859,11 @@ controls:
         - base
       status: automated
       rules:
+        {{% if product == "rhel10" %}}
+        - audit_rules_mac_modification_etc_selinux
+        {{% else %}}
         - audit_rules_mac_modification
+        {{% endif %}}
         - audit_rules_dac_modification_chmod
         - audit_rules_dac_modification_chown
         - audit_rules_dac_modification_fchmod