Correct YAML lint errors

2025-02-22 22:25:33 +01:00 · 2020-12-21 17:53:44 +00:00 · 2020-12-21 17:53:44 +00:00 · 7439ea9dab
commit 7439ea9dab
parent 599b4a1100
1 changed files with 16 additions and 31 deletions
--- a/cfg/2.0.0/definitions.yaml
+++ b/cfg/2.0.0/definitions.yaml
@ -1479,7 +1479,6 @@ groups:
                op: eq
                value: "0"
              set: false            
-            test_items:
            - flag: "enforcing"
              compare:
                op: eq
@ -2456,7 +2455,7 @@ groups:
        test_items:
        - flag: "restrict -4 default kod nomodify notrap nopeer noquery"
          set: true
-          flag: "restrict -6 default kod nomodify notrap nopeer noquery"
+        - flag: "restrict -6 default kod nomodify notrap nopeer noquery"
          set: true
      remediation: |
            Add or edit restrict lines in `/etc/ntp.conf` to match the following:
@ -6736,7 +6735,6 @@ groups:
            and add the following lines:
            -w /etc/sudoers -p wa -k scope
            -w /etc/sudoers.d/ -p wa -k scope
-            
      scored: true
            
    - id: 4.1.16.b
@ -6755,14 +6753,6 @@ groups:
            and add the following lines:
            -w /etc/sudoers -p wa -k scope
            -w /etc/sudoers.d/ -p wa -k scope            
-            
-      scored: true                     
-      remediation: |
-            Add the following line to the `/etc/audit/rules.d/*.rules` file:
-            
-            -w /etc/sudoers -p wa -k scope
-            -w /etc/sudoers.d/ -p wa -k scope
-            
      scored: true

    - id: 4.1.17.a
@ -6780,7 +6770,6 @@ groups:
            Example: vi /etc/audit/rules.d/audit.rules 
            and add the following lines:
            -w /var/log/sudo.log -p wa -k actions           
-            
      scored: true
            
    - id: 4.1.17.b
@ -6795,7 +6784,6 @@ groups:
            Example: vi /etc/audit/rules.d/audit.rules 
            and add the following lines:
            -w /var/log/sudo.log -p wa -k actions
-            
      scored: true
            
    - id: 4.1.18.a
@ -6820,7 +6808,6 @@ groups:
            -w /sbin/rmmod -p x -k modules
            -w /sbin/modprobe -p x -k modules
            -a always,exit -F arch=b64 -S init_module -S delete_module -k modules
-            
      scored: true

    - id: 4.1.18.b
@ -6845,10 +6832,8 @@ groups:
            -w /sbin/rmmod -p x -k modules
            -w /sbin/modprobe -p x -k modules
            -a always,exit -F arch=b64 -S init_module -S delete_module -k modules
-            
      scored: true
              
-      scored: true              
    - id: 4.1.19
      description: "Ensure the audit configuration is immutable"
      audit: "grep ^\\s*[^#] /etc/audit/rules.d/*.rules | tail -1"