Produced by Araxis Merge on 5/14/2018 1:18:37 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | MCCF_EDI_TAS_Infrastructure.zip\MCCF_EDI_TAS_Infrastructure\mag_sys_build\playbooks | audit_perm_mod_rule.yml | Tue Mar 27 23:51:06 2018 UTC |
| 2 | MCCF_EDI_TAS_Infrastructure.zip\MCCF_EDI_TAS_Infrastructure\mag_sys_build\playbooks | audit_perm_mod_rule.yml | Tue May 8 03:18:26 2018 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 2 | 58 |
| Changed | 1 | 2 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | # Ansible Playbook | |
| 2 | # | |
| 3 | # Erik van Oudheusde n PII - 28 Sep 2 017 | |
| 4 | # Record E vents that Modify th e System's Discretio nary Acces s Controls | |
| 5 | ||
| 6 | --- | |
| 7 | - name: Re cord Event s that Mod ify the Sy stem's Dis cretionary Access Co ntrols | |
| 8 | hosts: r hel7 | |
| 9 | become: yes | |
| 10 | tasks: | |
| 11 | - name: Create per m_mod.rule s | |
| 12 | blocki nfile: | |
| 13 | path : /etc/aud it/rules.d /perm_mod. rules | |
| 14 | crea te: yes | |
| 15 | back up: yes | |
| 16 | mark er: "## {m ark} Added for VA CR ISP" | |
| 17 | owne r: root | |
| 18 | grou p: root | |
| 19 | mode : 0600 | |
| 20 | cont ent: | | |
| 21 | # | |
| 22 | -a always,ex it -F arch =b32 -S ch mod -S fch mod -S fch modat -F a uid>=1000 -F auid!=4 294967295 -k perm_mo d | |
| 23 | -a always,ex it -F arch =b64 -S ch mod -S fch mod -S fch modat -F a uid>=1000 -F auid!=4 294967295 -k perm_mo d | |
| 24 | -a always,ex it -F arch =b32 -S ch own -S fch own -S fch ownat -S l chown -F a uid>=1000 -F auid!=4 294967295 -k perm_mo d | |
| 25 | -a always,ex it -F arch =b64 -S ch own -S fch own -S fch ownat -S l chown -F a uid>=1000 -F auid!=4 294967295 -k perm_mo d | |
| 26 | -a always,ex it -F arch =b32 -S se txattr -S lsetxattr -S fsetxat tr -S remo vexattr -S lremovexa ttr -S fre movexattr -F auid>=1 000 -F aui d!=4294967 295 -k per m_mod | |
| 27 | -a always,ex it -F arch =b64 -S se txattr -S lsetxattr -S fsetxat tr -S remo vexattr -S lremovexa ttr -S fre movexattr -F auid>=1 000 -F aui d!=4294967 295 -k per m_mod | |
| 28 | # | |
| 29 | ||
| 30 |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.