IV51677: ALL CHECKS FOR AUDIT.RULES PASS EVEN IF THE REQUIRED ENTRIES ARE COMMENTED OUT

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Create a new site and copy over the SCM contents for "CIS
    Checklist for RHEL 6". Deploy the scan.
    
    One of the checks is showed as compliant but it shouldn't
    
    Fixlet - Collect Unsuccessful Unauthorized Access Attempts to
    Files (CIS 5.2.11)
    
    
    In fact the check shows that the system passed the
    check (<STATUS>= PASS), but in the "/etc/audit/audit.rules"
    file the entire section of "Collect Unsuccessful Unauthorized
    Access attempts to Files" has been commented out
    

Local fix

Problem summary

  • N/A
    

Problem conclusion

  • Fixed in CIS Checklist for RHEL 6 = site version 5.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV51677

  • Reported component name

    TV EP MG SEC CF

  • Reported component ID

    5725C43SM

  • Reported release

    900

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-11-07

  • Closed date

    2013-11-14

  • Last modified date

    2013-11-14

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TV EP MG SEC CF

  • Fixed component ID

    5725C43SM

Applicable component levels

  • R900 PSY

       UP



Document information


More support for:

IBM BigFix family

Software version:

900

Reference #:

IV51677

Modified date:

2013-11-14

Translate my page

Content navigation