diff --git a/tests/assertions/ocp4/ocp4-cis-4.12.yml b/tests/assertions/ocp4/ocp4-cis-4.12.yml index 8352ca2beb27..dee6bce12708 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.12.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.12.yml @@ -1,302 +1,302 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.13.yml b/tests/assertions/ocp4/ocp4-cis-4.13.yml index 3ddb36804823..8ec536a45498 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.13.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.13.yml @@ -1,277 +1,277 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.14.yml b/tests/assertions/ocp4/ocp4-cis-4.14.yml index 3ddb36804823..8ec536a45498 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.14.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.14.yml @@ -1,277 +1,277 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.15.yml b/tests/assertions/ocp4/ocp4-cis-4.15.yml index c66ca3fa878e..2846d46e66aa 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.15.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.15.yml @@ -1,301 +1,301 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.16.yml b/tests/assertions/ocp4/ocp4-cis-4.16.yml index 27770db764ac..e39d1102355b 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.16.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.16.yml @@ -1,277 +1,277 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.17.yml b/tests/assertions/ocp4/ocp4-cis-4.17.yml index af3b7e578147..dcec7a24267d 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.17.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.17.yml @@ -1,302 +1,302 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-4.18.yml b/tests/assertions/ocp4/ocp4-cis-4.18.yml index af3b7e578147..dcec7a24267d 100644 --- a/tests/assertions/ocp4/ocp4-cis-4.18.yml +++ b/tests/assertions/ocp4/ocp4-cis-4.18.yml @@ -1,302 +1,302 @@ rule_results: - e2e-cis-accounts-restrict-service-account-tokens: + ocp4-cis-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-accounts-unique-service-account: + ocp4-cis-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-api-server-admission-control-plugin-alwaysadmit: + ocp4-cis-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-alwayspullimages: + ocp4-cis-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-namespacelifecycle: + ocp4-cis-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-noderestriction: + ocp4-cis-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-scc: + ocp4-cis-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-admission-control-plugin-service-account: + ocp4-cis-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-anonymous-auth: + ocp4-cis-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-api-priority-gate-enabled: + ocp4-cis-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-audit-log-maxbackup: + ocp4-cis-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-maxsize: + ocp4-cis-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-audit-log-path: + ocp4-cis-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-no-aa: + ocp4-cis-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-auth-mode-rbac: + ocp4-cis-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-basic-auth: + ocp4-cis-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-bind-address: + ocp4-cis-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-client-ca: + ocp4-cis-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-encryption-provider-cipher: + ocp4-cis-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-etcd-ca: + ocp4-cis-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-cert: + ocp4-cis-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-etcd-key: + ocp4-cis-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-https-for-kubelet-conn: + ocp4-cis-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-bind-address: + ocp4-cis-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-insecure-port: + ocp4-cis-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-certificate-authority: + ocp4-cis-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert: + ocp4-cis-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-cert-pre-4-9: + ocp4-cis-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-kubelet-client-key: + ocp4-cis-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-kubelet-client-key-pre-4-9: + ocp4-cis-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-api-server-oauth-https-serving-cert: + ocp4-cis-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-openshift-https-serving-cert: + ocp4-cis-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-profiling-protected-by-rbac: + ocp4-cis-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-request-timeout: + ocp4-cis-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-lookup: + ocp4-cis-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-service-account-public-key: + ocp4-cis-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cert: + ocp4-cis-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-cipher-suites: + ocp4-cis-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-tls-private-key: + ocp4-cis-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-api-server-token-auth: + ocp4-cis-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-log-forwarding-enabled: + ocp4-cis-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-cis-audit-log-forwarding-webhook: + ocp4-cis-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-audit-logging-enabled: + ocp4-cis-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-cis-audit-profile-set: + ocp4-cis-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-cis-configure-network-policies: + ocp4-cis-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-cis-configure-network-policies-hypershift-hosted: + ocp4-cis-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-configure-network-policies-namespaces: + ocp4-cis-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-insecure-port-disabled: + ocp4-cis-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-secure-port: + ocp4-cis-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-ca: + ocp4-cis-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-service-account-private-key: + ocp4-cis-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-cis-controller-use-service-account: + ocp4-cis-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-auto-tls: + ocp4-cis-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-cert-file: + ocp4-cis-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-client-cert-auth: + ocp4-cis-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-key-file: + ocp4-cis-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-auto-tls: + ocp4-cis-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-cert-file: + ocp4-cis-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-client-cert-auth: + ocp4-cis-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-cis-etcd-peer-key-file: + ocp4-cis-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-cis-file-groupowner-proxy-kubeconfig: + ocp4-cis-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-owner-proxy-kubeconfig: + ocp4-cis-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-file-permissions-proxy-kubeconfig: + ocp4-cis-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-cis-general-apply-scc: + ocp4-cis-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-namespace-use: + ocp4-cis-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-default-seccomp-profile: + ocp4-cis-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-general-namespaces-in-use: + ocp4-cis-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-idp-is-configured: + ocp4-cis-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-cis-kubeadmin-removed: + ocp4-cis-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-cis-kubelet-configure-tls-cert: + ocp4-cis-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-configure-tls-key: + ocp4-cis-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-cis-kubelet-disable-readonly-port: + ocp4-cis-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-allowed-registries: + ocp4-cis-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-allowed-registries-for-import: + ocp4-cis-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-cis-ocp-api-server-audit-log-maxbackup: + ocp4-cis-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-api-server-audit-log-maxsize: + ocp4-cis-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-allowed-registries-for-import: + ocp4-cis-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-cis-ocp-insecure-registries: + ocp4-cis-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-cis-openshift-api-server-audit-log-path: + ocp4-cis-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-debug-role-protects-pprof: + ocp4-cis-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-cis-rbac-least-privilege: + ocp4-cis-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-cluster-admin: + ocp4-cis-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-limit-secrets-access: + ocp4-cis-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-pod-creation-access: + ocp4-cis-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-rbac-wildcard-use: + ocp4-cis-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-drop-container-capabilities: + ocp4-cis-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-container-allowed-capabilities: + ocp4-cis-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-cis-scc-limit-ipc-namespace: + ocp4-cis-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-net-raw-capability: + ocp4-cis-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-network-namespace: + ocp4-cis-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privilege-escalation: + ocp4-cis-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-privileged-containers: + ocp4-cis-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-process-id-namespace: + ocp4-cis-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scc-limit-root-containers: + ocp4-cis-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-scheduler-profiling-protected-by-rbac: + ocp4-cis-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-scheduler-service-protected-by-rbac: + ocp4-cis-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-cis-secrets-consider-external-storage: + ocp4-cis-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-secrets-no-environment-variables: + ocp4-cis-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-cis-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-cis-api-server-tls-security-profile-custom-min-tls-version: + ocp4-cis-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS - e2e-cis-api-server-tls-security-profile-not-old: + ocp4-cis-api-server-tls-security-profile-not-old: default_result: PASS diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.12.yml b/tests/assertions/ocp4/ocp4-cis-node-4.12.yml index 98b11ae72830..4f0ca8e25956 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.12.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.13.yml b/tests/assertions/ocp4/ocp4-cis-node-4.13.yml index 98b11ae72830..4f0ca8e25956 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.13.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.14.yml b/tests/assertions/ocp4/ocp4-cis-node-4.14.yml index 8b498653fd54..7a6c5dc45752 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.14.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.15.yml b/tests/assertions/ocp4/ocp4-cis-node-4.15.yml index 8b498653fd54..7a6c5dc45752 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.15.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.16.yml b/tests/assertions/ocp4/ocp4-cis-node-4.16.yml index 8b498653fd54..7a6c5dc45752 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.16.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.17.yml b/tests/assertions/ocp4/ocp4-cis-node-4.17.yml index 8b498653fd54..7a6c5dc45752 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.17.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-cis-node-4.18.yml b/tests/assertions/ocp4/ocp4-cis-node-4.18.yml index 8b498653fd54..7a6c5dc45752 100644 --- a/tests/assertions/ocp4/ocp4-cis-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-cis-node-4.18.yml @@ -1,421 +1,421 @@ rule_results: - e2e-cis-node-master-etcd-unique-ca: + ocp4-cis-node-master-etcd-unique-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-cni-conf: + ocp4-cis-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-dir: + ocp4-cis-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-data-files: + ocp4-cis-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-member: + ocp4-cis-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-cis-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ip-allocations: + ocp4-cis-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-kube-apiserver: + ocp4-cis-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-controller-manager: + ocp4-cis-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-groupowner-kube-scheduler: + ocp4-cis-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-groupowner-kubelet-conf: + ocp4-cis-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-groupowner-multus-conf: + ocp4-cis-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovn-db-files: + ocp4-cis-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-pid: + ocp4-cis-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-ca: + ocp4-cis-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-kubeconfig: + ocp4-cis-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-groupowner-worker-service: + ocp4-cis-node-master-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-master-file-owner-cni-conf: + ocp4-cis-node-master-file-owner-cni-conf: default_result: PASS - e2e-cis-node-master-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-dir: + ocp4-cis-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-owner-etcd-data-files: + ocp4-cis-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-owner-etcd-member: + ocp4-cis-node-master-file-owner-etcd-member: default_result: PASS - e2e-cis-node-master-file-owner-etcd-pki-cert-files: + ocp4-cis-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-ip-allocations: + ocp4-cis-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-kube-apiserver: + ocp4-cis-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-owner-kube-controller-manager: + ocp4-cis-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-owner-kube-scheduler: + ocp4-cis-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-cis-node-master-file-owner-kubelet: + ocp4-cis-node-master-file-owner-kubelet: default_result: PASS - e2e-cis-node-master-file-owner-kubelet-conf: + ocp4-cis-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-owner-multus-conf: + ocp4-cis-node-master-file-owner-multus-conf: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-cert-files: + ocp4-cis-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-pki-key-files: + ocp4-cis-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-owner-ovn-cni-server-sock: + ocp4-cis-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-owner-ovn-db-files: + ocp4-cis-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db: + ocp4-cis-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-owner-ovs-conf-db-lock: + ocp4-cis-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-owner-ovs-pid: + ocp4-cis-node-master-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovs-sys-id-conf: + ocp4-cis-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-owner-ovsdb-server-pid: + ocp4-cis-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-owner-scheduler-kubeconfig: + ocp4-cis-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-ca: + ocp4-cis-node-master-file-owner-worker-ca: default_result: PASS - e2e-cis-node-master-file-owner-worker-kubeconfig: + ocp4-cis-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-owner-worker-service: + ocp4-cis-node-master-file-owner-worker-service: default_result: PASS - e2e-cis-node-master-file-permissions-cni-conf: + ocp4-cis-node-master-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-dir: + ocp4-cis-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-data-files: + ocp4-cis-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-member: + ocp4-cis-node-master-file-permissions-etcd-member: default_result: PASS - e2e-cis-node-master-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-ip-allocations: + ocp4-cis-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-master-file-permissions-kube-apiserver: + ocp4-cis-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-cis-node-master-file-permissions-kube-controller-manager: + ocp4-cis-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-cis-node-master-file-permissions-kubelet-conf: + ocp4-cis-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-cis-node-master-file-permissions-multus-conf: + ocp4-cis-node-master-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-cis-node-master-file-permissions-openshift-pki-key-files: + ocp4-cis-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-master-file-permissions-ovn-db-files: + ocp4-cis-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db: + ocp4-cis-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-pid: + ocp4-cis-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-master-file-permissions-ovsdb-server-pid: + ocp4-cis-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler: + ocp4-cis-node-master-file-permissions-scheduler: default_result: PASS - e2e-cis-node-master-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-ca: + ocp4-cis-node-master-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-master-file-permissions-worker-kubeconfig: + ocp4-cis-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-master-file-permissions-worker-service: + ocp4-cis-node-master-file-permissions-worker-service: default_result: PASS - e2e-cis-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-master-kubelet-anonymous-auth: + ocp4-cis-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-master-kubelet-authorization-mode: + ocp4-cis-node-master-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-master-kubelet-configure-client-ca: + ocp4-cis-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-master-kubelet-configure-event-creation: + ocp4-cis-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-master-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-master-kubelet-enable-cert-rotation: + ocp4-cis-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-client-cert-rotation: + ocp4-cis-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-iptables-util-chains: + ocp4-cis-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-master-kubelet-enable-server-cert-rotation: + ocp4-cis-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-master-kubelet-enable-streaming-connections: + ocp4-cis-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-worker-etcd-unique-ca: + ocp4-cis-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-cni-conf: + ocp4-cis-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-dir: + ocp4-cis-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-data-files: + ocp4-cis-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-member: + ocp4-cis-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ip-allocations: + ocp4-cis-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-apiserver: + ocp4-cis-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-controller-manager: + ocp4-cis-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kube-scheduler: + ocp4-cis-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-kubelet-conf: + ocp4-cis-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-multus-conf: + ocp4-cis-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-cis-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovn-db-files: + ocp4-cis-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-pid: + ocp4-cis-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-cis-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-worker-ca: + ocp4-cis-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-kubeconfig: + ocp4-cis-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-groupowner-worker-service: + ocp4-cis-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-cis-node-worker-file-owner-cni-conf: + ocp4-cis-node-worker-file-owner-cni-conf: default_result: PASS - e2e-cis-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-dir: + ocp4-cis-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-data-files: + ocp4-cis-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-member: + ocp4-cis-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-etcd-pki-cert-files: + ocp4-cis-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ip-allocations: + ocp4-cis-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-apiserver: + ocp4-cis-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-controller-manager: + ocp4-cis-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kube-scheduler: + ocp4-cis-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-kubelet: + ocp4-cis-node-worker-file-owner-kubelet: default_result: PASS - e2e-cis-node-worker-file-owner-kubelet-conf: + ocp4-cis-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-multus-conf: + ocp4-cis-node-worker-file-owner-multus-conf: default_result: PASS - e2e-cis-node-worker-file-owner-openshift-pki-cert-files: + ocp4-cis-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-pki-key-files: + ocp4-cis-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-ovn-cni-server-sock: + ocp4-cis-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-owner-ovn-db-files: + ocp4-cis-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db: + ocp4-cis-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-conf-db-lock: + ocp4-cis-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-pid: + ocp4-cis-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-sys-id-conf: + ocp4-cis-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-owner-ovsdb-server-pid: + ocp4-cis-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-owner-scheduler-kubeconfig: + ocp4-cis-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-owner-worker-ca: + ocp4-cis-node-worker-file-owner-worker-ca: default_result: PASS - e2e-cis-node-worker-file-owner-worker-kubeconfig: + ocp4-cis-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-owner-worker-service: + ocp4-cis-node-worker-file-owner-worker-service: default_result: PASS - e2e-cis-node-worker-file-permissions-cni-conf: + ocp4-cis-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-cis-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-dir: + ocp4-cis-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-data-files: + ocp4-cis-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-member: + ocp4-cis-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-cis-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ip-allocations: + ocp4-cis-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-apiserver: + ocp4-cis-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kube-controller-manager: + ocp4-cis-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-kubelet-conf: + ocp4-cis-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-cis-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-multus-conf: + ocp4-cis-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-openshift-pki-key-files: + ocp4-cis-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-cis-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovn-db-files: + ocp4-cis-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db: + ocp4-cis-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-cis-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-pid: + ocp4-cis-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-cis-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-cis-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-cis-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-ovsdb-server-pid: + ocp4-cis-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-cis-node-worker-file-permissions-scheduler: + ocp4-cis-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-cis-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-cis-node-worker-file-permissions-worker-ca: + ocp4-cis-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-kubeconfig: + ocp4-cis-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-cis-node-worker-file-permissions-worker-service: + ocp4-cis-node-worker-file-permissions-worker-service: default_result: PASS - e2e-cis-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-cis-node-worker-kubelet-anonymous-auth: + ocp4-cis-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-cis-node-worker-kubelet-authorization-mode: + ocp4-cis-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-cis-node-worker-kubelet-configure-client-ca: + ocp4-cis-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-cis-node-worker-kubelet-configure-event-creation: + ocp4-cis-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-cis-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-cis-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-cis-node-worker-kubelet-enable-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-client-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-iptables-util-chains: + ocp4-cis-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-cis-node-worker-kubelet-enable-server-cert-rotation: + ocp4-cis-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-cis-node-worker-kubelet-enable-streaming-connections: + ocp4-cis-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-cis-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-cis-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-e8-4.12.yml b/tests/assertions/ocp4/ocp4-e8-4.12.yml index e82d51223418..22a87816f8a3 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.12.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.12.yml @@ -1,37 +1,37 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.13.yml b/tests/assertions/ocp4/ocp4-e8-4.13.yml index 3640e37f7ac9..502cfbd94f64 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.13.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.13.yml @@ -1,29 +1,29 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.14.yml b/tests/assertions/ocp4/ocp4-e8-4.14.yml index 3640e37f7ac9..502cfbd94f64 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.14.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.14.yml @@ -1,29 +1,29 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.15.yml b/tests/assertions/ocp4/ocp4-e8-4.15.yml index e82d51223418..22a87816f8a3 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.15.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.15.yml @@ -1,37 +1,37 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-e8-4.16.yml b/tests/assertions/ocp4/ocp4-e8-4.16.yml index 3640e37f7ac9..502cfbd94f64 100644 --- a/tests/assertions/ocp4/ocp4-e8-4.16.yml +++ b/tests/assertions/ocp4/ocp4-e8-4.16.yml @@ -1,29 +1,29 @@ rule_results: - e2e-e8-api-server-encryption-provider-cipher: + ocp4-e8-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-e8-api-server-tls-cipher-suites: + ocp4-e8-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-e8-ocp-allowed-registries: + ocp4-e8-ocp-allowed-registries: default_result: FAIL - e2e-e8-ocp-allowed-registries-for-import: + ocp4-e8-ocp-allowed-registries-for-import: default_result: FAIL - e2e-e8-ocp-idp-no-htpasswd: + ocp4-e8-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-e8-rbac-limit-cluster-admin: + ocp4-e8-rbac-limit-cluster-admin: default_result: MANUAL - e2e-e8-rbac-pod-creation-access: + ocp4-e8-rbac-pod-creation-access: default_result: MANUAL - e2e-e8-rbac-wildcard-use: + ocp4-e8-rbac-wildcard-use: default_result: MANUAL - e2e-e8-scc-limit-container-allowed-capabilities: + ocp4-e8-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-e8-scc-limit-privilege-escalation: + ocp4-e8-scc-limit-privilege-escalation: default_result: MANUAL - e2e-e8-scc-limit-privileged-containers: + ocp4-e8-scc-limit-privileged-containers: default_result: MANUAL - e2e-e8-scc-limit-root-containers: + ocp4-e8-scc-limit-root-containers: default_result: MANUAL diff --git a/tests/assertions/ocp4/ocp4-high-4.12.yml b/tests/assertions/ocp4/ocp4-high-4.12.yml index 189722cdbb94..3c2afb565370 100644 --- a/tests/assertions/ocp4/ocp4-high-4.12.yml +++ b/tests/assertions/ocp4/ocp4-high-4.12.yml @@ -1,414 +1,414 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.13.yml b/tests/assertions/ocp4/ocp4-high-4.13.yml index 894eba187153..3fc90c0c27ce 100644 --- a/tests/assertions/ocp4/ocp4-high-4.13.yml +++ b/tests/assertions/ocp4/ocp4-high-4.13.yml @@ -1,386 +1,386 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.14.yml b/tests/assertions/ocp4/ocp4-high-4.14.yml index 25fa3a11f0a3..608960c57a47 100644 --- a/tests/assertions/ocp4/ocp4-high-4.14.yml +++ b/tests/assertions/ocp4/ocp4-high-4.14.yml @@ -1,386 +1,386 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.15.yml b/tests/assertions/ocp4/ocp4-high-4.15.yml index 38061b21aa58..ad653f6bab00 100644 --- a/tests/assertions/ocp4/ocp4-high-4.15.yml +++ b/tests/assertions/ocp4/ocp4-high-4.15.yml @@ -1,413 +1,413 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.16.yml b/tests/assertions/ocp4/ocp4-high-4.16.yml index 38061b21aa58..ad653f6bab00 100644 --- a/tests/assertions/ocp4/ocp4-high-4.16.yml +++ b/tests/assertions/ocp4/ocp4-high-4.16.yml @@ -1,413 +1,413 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.17.yml b/tests/assertions/ocp4/ocp4-high-4.17.yml index c676ecc5a0a3..15f2b5488f17 100644 --- a/tests/assertions/ocp4/ocp4-high-4.17.yml +++ b/tests/assertions/ocp4/ocp4-high-4.17.yml @@ -1,415 +1,415 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-4.18.yml b/tests/assertions/ocp4/ocp4-high-4.18.yml index c676ecc5a0a3..15f2b5488f17 100644 --- a/tests/assertions/ocp4/ocp4-high-4.18.yml +++ b/tests/assertions/ocp4/ocp4-high-4.18.yml @@ -1,415 +1,415 @@ rule_results: - e2e-high-accounts-restrict-service-account-tokens: + ocp4-high-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-accounts-unique-service-account: + ocp4-high-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-alert-receiver-configured: + ocp4-high-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-api-server-admission-control-plugin-alwaysadmit: + ocp4-high-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-alwayspullimages: + ocp4-high-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-namespacelifecycle: + ocp4-high-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-noderestriction: + ocp4-high-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-scc: + ocp4-high-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-securitycontextdeny: + ocp4-high-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-admission-control-plugin-service-account: + ocp4-high-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-anonymous-auth: + ocp4-high-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-flowschema-catch-all: + ocp4-high-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-api-priority-gate-enabled: + ocp4-high-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-audit-log-maxbackup: + ocp4-high-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-maxsize: + ocp4-high-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-audit-log-path: + ocp4-high-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-no-aa: + ocp4-high-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-node: + ocp4-high-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-auth-mode-rbac: + ocp4-high-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-basic-auth: + ocp4-high-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-bind-address: + ocp4-high-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-client-ca: + ocp4-high-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-encryption-provider-cipher: + ocp4-high-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-etcd-ca: + ocp4-high-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-cert: + ocp4-high-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-etcd-key: + ocp4-high-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-https-for-kubelet-conn: + ocp4-high-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-bind-address: + ocp4-high-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-insecure-port: + ocp4-high-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-certificate-authority: + ocp4-high-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert: + ocp4-high-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-cert-pre-4-9: + ocp4-high-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-kubelet-client-key: + ocp4-high-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-kubelet-client-key-pre-4-9: + ocp4-high-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-api-server-no-adm-ctrl-plugins-disabled: + ocp4-high-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-oauth-https-serving-cert: + ocp4-high-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-openshift-https-serving-cert: + ocp4-high-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-profiling-protected-by-rbac: + ocp4-high-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-request-timeout: + ocp4-high-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-lookup: + ocp4-high-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-service-account-public-key: + ocp4-high-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cert: + ocp4-high-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-cipher-suites: + ocp4-high-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-private-key: + ocp4-high-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile: + ocp4-high-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-token-auth: + ocp4-high-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-high-audit-error-alert-exists: + ocp4-high-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-high-audit-log-forwarding-enabled: + ocp4-high-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-uses-tls: + ocp4-high-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-high-audit-log-forwarding-webhook: + ocp4-high-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-audit-logging-enabled: + ocp4-high-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-audit-profile-set: + ocp4-high-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-high-banner-or-login-template-set: + ocp4-high-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-logging-operator-exist: + ocp4-high-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-high-cluster-version-operator-exists: + ocp4-high-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-version-operator-verify-integrity: + ocp4-high-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-high-cluster-wide-proxy-set: + ocp4-high-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-high-compliance-notification-enabled: + ocp4-high-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies: + ocp4-high-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-high-configure-network-policies-hypershift-hosted: + ocp4-high-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-configure-network-policies-namespaces: + ocp4-high-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-high-controller-insecure-port-disabled: + ocp4-high-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-controller-rotate-kubelet-server-certs: + ocp4-high-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-controller-secure-port: + ocp4-high-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-ca: + ocp4-high-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-high-controller-service-account-private-key: + ocp4-high-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-controller-use-service-account: + ocp4-high-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-high-default-ingress-ca-replaced: + ocp4-high-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-high-etcd-auto-tls: + ocp4-high-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-cert-file: + ocp4-high-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-client-cert-auth: + ocp4-high-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-key-file: + ocp4-high-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-auto-tls: + ocp4-high-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-cert-file: + ocp4-high-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-client-cert-auth: + ocp4-high-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-high-etcd-peer-key-file: + ocp4-high-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-high-file-groupowner-proxy-kubeconfig: + ocp4-high-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-integrity-exists: + ocp4-high-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-integrity-notification-enabled: + ocp4-high-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-file-owner-proxy-kubeconfig: + ocp4-high-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-file-permissions-proxy-kubeconfig: + ocp4-high-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-fips-mode-enabled-on-all-nodes: + ocp4-high-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-high-general-apply-scc: + ocp4-high-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-configure-imagepolicywebhook: + ocp4-high-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-namespace-use: + ocp4-high-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-default-seccomp-profile: + ocp4-high-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-general-namespaces-in-use: + ocp4-high-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-gitops-operator-exists: + ocp4-high-gitops-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-idp-is-configured: + ocp4-high-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-certificate: + ocp4-high-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-high-ingress-controller-tls-security-profile: + ocp4-high-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-high-kubeadmin-removed: + ocp4-high-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-high-kubelet-configure-tls-cert: + ocp4-high-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-configure-tls-cert-pre-4-9: + ocp4-high-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-kubelet-configure-tls-key: + ocp4-high-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-high-kubelet-disable-readonly-port: + ocp4-high-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-inactivity-timeout: + ocp4-high-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-oauth-or-oauthclient-token-maxage: + ocp4-high-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-high-ocp-allowed-registries: + ocp4-high-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-allowed-registries-for-import: + ocp4-high-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-high-ocp-api-server-audit-log-maxbackup: + ocp4-high-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-api-server-audit-log-maxsize: + ocp4-high-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-idp-no-htpasswd: + ocp4-high-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-allowed-registries-for-import: + ocp4-high-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-insecure-registries: + ocp4-high-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-high-ocp-no-ldap-insecure: + ocp4-high-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-api-server-audit-log-path: + ocp4-high-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-high-openshift-motd-exists: + ocp4-high-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-high-rbac-debug-role-protects-pprof: + ocp4-high-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-high-rbac-least-privilege: + ocp4-high-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-cluster-admin: + ocp4-high-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-limit-secrets-access: + ocp4-high-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-pod-creation-access: + ocp4-high-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-rbac-wildcard-use: + ocp4-high-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-resource-requests-limits-in-daemonset: + ocp4-high-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-deployment: + ocp4-high-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-limits-in-statefulset: + ocp4-high-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-high-resource-requests-quota: + ocp4-high-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-high-route-ip-whitelist: + ocp4-high-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-high-routes-protected-by-tls: + ocp4-high-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-high-routes-rate-limit: + ocp4-high-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-high-scansettingbinding-exists: + ocp4-high-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-high-scc-drop-container-capabilities: + ocp4-high-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-container-allowed-capabilities: + ocp4-high-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-high-scc-limit-ipc-namespace: + ocp4-high-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-net-raw-capability: + ocp4-high-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-network-namespace: + ocp4-high-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privilege-escalation: + ocp4-high-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-privileged-containers: + ocp4-high-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-process-id-namespace: + ocp4-high-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scc-limit-root-containers: + ocp4-high-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-scheduler-profiling-protected-by-rbac: + ocp4-high-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-scheduler-service-protected-by-rbac: + ocp4-high-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-high-secrets-consider-external-storage: + ocp4-high-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-secrets-no-environment-variables: + ocp4-high-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-high-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-custom-min-tls-version: + ocp4-high-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-high-api-server-tls-security-profile-not-old: + ocp4-high-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-high-node-4.12.yml b/tests/assertions/ocp4/ocp4-high-node-4.12.yml index c6c810c3df2b..c631283d8015 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.12.yml @@ -1,739 +1,739 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: default_result: INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.13.yml b/tests/assertions/ocp4/ocp4-high-node-4.13.yml index 438214787f78..48c2f333e35d 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.13.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.14.yml b/tests/assertions/ocp4/ocp4-high-node-4.14.yml index a2b347e395b6..23bdd002af6b 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.14.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.15.yml b/tests/assertions/ocp4/ocp4-high-node-4.15.yml index a2b347e395b6..23bdd002af6b 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.15.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.16.yml b/tests/assertions/ocp4/ocp4-high-node-4.16.yml index a2b347e395b6..23bdd002af6b 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.16.yml @@ -1,720 +1,720 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.17.yml b/tests/assertions/ocp4/ocp4-high-node-4.17.yml index 7b7dbcd9d511..f85aafbb3939 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.17.yml @@ -1,739 +1,739 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-high-node-4.18.yml b/tests/assertions/ocp4/ocp4-high-node-4.18.yml index 7b7dbcd9d511..f85aafbb3939 100644 --- a/tests/assertions/ocp4/ocp4-high-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-high-node-4.18.yml @@ -1,739 +1,739 @@ rule_results: - e2e-high-node-master-directory-access-var-log-kube-audit: + ocp4-high-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-oauth-audit: + ocp4-high-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-access-var-log-ocp-audit: + ocp4-high-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-kube-audit: + ocp4-high-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-oauth-audit: + ocp4-high-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-directory-permissions-var-log-ocp-audit: + ocp4-high-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-etcd-unique-ca: + ocp4-high-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-cni-conf: + ocp4-high-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-dir: + ocp4-high-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-data-files: + ocp4-high-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-member: + ocp4-high-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ip-allocations: + ocp4-high-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-kube-apiserver: + ocp4-high-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-controller-manager: + ocp4-high-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kube-scheduler: + ocp4-high-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-kubelet-conf: + ocp4-high-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-multus-conf: + ocp4-high-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-pki-key-files: + ocp4-high-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovn-db-files: + ocp4-high-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-pid: + ocp4-high-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovsdb-server-pid: + ocp4-high-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-ca: + ocp4-high-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-kubeconfig: + ocp4-high-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-groupowner-worker-service: + ocp4-high-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-cni-conf: + ocp4-high-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-controller-manager-kubeconfig: + ocp4-high-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-dir: + ocp4-high-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-data-files: + ocp4-high-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-member: + ocp4-high-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-etcd-pki-cert-files: + ocp4-high-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ip-allocations: + ocp4-high-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-kube-apiserver: + ocp4-high-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-controller-manager: + ocp4-high-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kube-scheduler: + ocp4-high-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet: + ocp4-high-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-kubelet-conf: + ocp4-high-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-master-admin-kubeconfigs: + ocp4-high-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-multus-conf: + ocp4-high-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-cert-files: + ocp4-high-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-pki-key-files: + ocp4-high-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-owner-ovn-cni-server-sock: + ocp4-high-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovn-db-files: + ocp4-high-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db: + ocp4-high-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-conf-db-lock: + ocp4-high-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-pid: + ocp4-high-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-sys-id-conf: + ocp4-high-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovs-vswitchd-pid: + ocp4-high-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-ovsdb-server-pid: + ocp4-high-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-scheduler-kubeconfig: + ocp4-high-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-ca: + ocp4-high-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-kubeconfig: + ocp4-high-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-owner-worker-service: + ocp4-high-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-kube-audit: + ocp4-high-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-oauth-audit: + ocp4-high-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-ownership-var-log-ocp-audit: + ocp4-high-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-cni-conf: + ocp4-high-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-dir: + ocp4-high-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-data-files: + ocp4-high-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-member: + ocp4-high-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-etcd-pki-cert-files: + ocp4-high-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ip-allocations: + ocp4-high-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-file-permissions-kube-apiserver: + ocp4-high-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kube-controller-manager: + ocp4-high-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet: + ocp4-high-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-kubelet-conf: + ocp4-high-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-multus-conf: + ocp4-high-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-cert-files: + ocp4-high-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-openshift-pki-key-files: + ocp4-high-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-cni-server-sock: + ocp4-high-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovn-db-files: + ocp4-high-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db: + ocp4-high-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-conf-db-lock: + ocp4-high-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-pid: + ocp4-high-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-sys-id-conf: + ocp4-high-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-ovsdb-server-pid: + ocp4-high-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler: + ocp4-high-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-scheduler-kubeconfig: + ocp4-high-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-kube-audit: + ocp4-high-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-oauth-audit: + ocp4-high-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-var-log-ocp-audit: + ocp4-high-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-ca: + ocp4-high-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-kubeconfig: + ocp4-high-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-permissions-worker-service: + ocp4-high-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-master-kubelet-anonymous-auth: + ocp4-high-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-authorization-mode: + ocp4-high-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-client-ca: + ocp4-high-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-event-creation: + ocp4-high-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-cipher-suites: + ocp4-high-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-configure-tls-min-version: + ocp4-high-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-cert-rotation: + ocp4-high-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-client-cert-rotation: + ocp4-high-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-iptables-util-chains: + ocp4-high-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-server-cert-rotation: + ocp4-high-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-enable-streaming-connections: + ocp4-high-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-master-partition-for-var-log-kube-apiserver: + ocp4-high-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-oauth-apiserver: + ocp4-high-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-partition-for-var-log-openshift-apiserver: + ocp4-high-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-master-reject-unsigned-images-by-default: + ocp4-high-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-worker-directory-access-var-log-kube-audit: + ocp4-high-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-oauth-audit: + ocp4-high-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-access-var-log-ocp-audit: + ocp4-high-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-kube-audit: + ocp4-high-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-high-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-high-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-etcd-unique-ca: + ocp4-high-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-cni-conf: + ocp4-high-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-dir: + ocp4-high-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-data-files: + ocp4-high-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-member: + ocp4-high-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-high-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ip-allocations: + ocp4-high-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-apiserver: + ocp4-high-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-controller-manager: + ocp4-high-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kube-scheduler: + ocp4-high-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-kubelet-conf: + ocp4-high-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-multus-conf: + ocp4-high-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-high-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-high-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovn-db-files: + ocp4-high-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-pid: + ocp4-high-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-high-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-high-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-worker-ca: + ocp4-high-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-kubeconfig: + ocp4-high-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-groupowner-worker-service: + ocp4-high-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-cni-conf: + ocp4-high-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-high-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-dir: + ocp4-high-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-data-files: + ocp4-high-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-member: + ocp4-high-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-etcd-pki-cert-files: + ocp4-high-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ip-allocations: + ocp4-high-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-apiserver: + ocp4-high-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-controller-manager: + ocp4-high-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kube-scheduler: + ocp4-high-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-kubelet: + ocp4-high-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-kubelet-conf: + ocp4-high-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-high-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-multus-conf: + ocp4-high-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-openshift-pki-cert-files: + ocp4-high-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-pki-key-files: + ocp4-high-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-ovn-cni-server-sock: + ocp4-high-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovn-db-files: + ocp4-high-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db: + ocp4-high-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-conf-db-lock: + ocp4-high-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-pid: + ocp4-high-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-sys-id-conf: + ocp4-high-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-high-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-ovsdb-server-pid: + ocp4-high-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-scheduler-kubeconfig: + ocp4-high-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-owner-worker-ca: + ocp4-high-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-kubeconfig: + ocp4-high-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-owner-worker-service: + ocp4-high-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-ownership-var-log-kube-audit: + ocp4-high-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-oauth-audit: + ocp4-high-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-ownership-var-log-ocp-audit: + ocp4-high-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-cni-conf: + ocp4-high-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-high-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-dir: + ocp4-high-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-data-files: + ocp4-high-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-member: + ocp4-high-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-high-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ip-allocations: + ocp4-high-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-apiserver: + ocp4-high-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kube-controller-manager: + ocp4-high-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-kubelet: + ocp4-high-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-kubelet-conf: + ocp4-high-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-high-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-multus-conf: + ocp4-high-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-high-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-openshift-pki-key-files: + ocp4-high-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-high-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovn-db-files: + ocp4-high-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db: + ocp4-high-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-high-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-pid: + ocp4-high-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-high-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-high-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-ovsdb-server-pid: + ocp4-high-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-scheduler: + ocp4-high-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-high-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-kube-audit: + ocp4-high-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-oauth-audit: + ocp4-high-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-var-log-ocp-audit: + ocp4-high-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-file-permissions-worker-ca: + ocp4-high-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-kubeconfig: + ocp4-high-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-permissions-worker-service: + ocp4-high-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-high-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-node-worker-kubelet-anonymous-auth: + ocp4-high-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-authorization-mode: + ocp4-high-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-client-ca: + ocp4-high-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-event-creation: + ocp4-high-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-high-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-configure-tls-min-version: + ocp4-high-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-cert-rotation: + ocp4-high-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-client-cert-rotation: + ocp4-high-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-iptables-util-chains: + ocp4-high-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-high-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-high-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-server-cert-rotation: + ocp4-high-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-enable-streaming-connections: + ocp4-high-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-high-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-high-node-worker-partition-for-var-log-kube-apiserver: + ocp4-high-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-high-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-high-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-node-worker-reject-unsigned-images-by-default: + ocp4-high-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-high-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-4.12.yml b/tests/assertions/ocp4/ocp4-moderate-4.12.yml index aa7fd2ad127a..74855c7b2c0a 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.12.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.12.yml @@ -1,405 +1,405 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.13.yml b/tests/assertions/ocp4/ocp4-moderate-4.13.yml index 8dc1903767d1..55e36fc0d771 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.13.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.13.yml @@ -1,404 +1,404 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.14.yml b/tests/assertions/ocp4/ocp4-moderate-4.14.yml index 1b66f3fa03bb..310a10e6cc61 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.14.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.14.yml @@ -1,404 +1,404 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.15.yml b/tests/assertions/ocp4/ocp4-moderate-4.15.yml index 8ad9037bc139..f3fe05e50826 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.15.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.15.yml @@ -1,378 +1,378 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.16.yml b/tests/assertions/ocp4/ocp4-moderate-4.16.yml index 1b66f3fa03bb..310a10e6cc61 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.16.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.16.yml @@ -1,404 +1,404 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.17.yml b/tests/assertions/ocp4/ocp4-moderate-4.17.yml index 767a9e9a25d4..b5cedaef88e9 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.17.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.17.yml @@ -1,406 +1,406 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-4.18.yml b/tests/assertions/ocp4/ocp4-moderate-4.18.yml index 767a9e9a25d4..b5cedaef88e9 100644 --- a/tests/assertions/ocp4/ocp4-moderate-4.18.yml +++ b/tests/assertions/ocp4/ocp4-moderate-4.18.yml @@ -1,406 +1,406 @@ rule_results: - e2e-moderate-accounts-restrict-service-account-tokens: + ocp4-moderate-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-accounts-unique-service-account: + ocp4-moderate-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-api-server-admission-control-plugin-alwaysadmit: + ocp4-moderate-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-alwayspullimages: + ocp4-moderate-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-namespacelifecycle: + ocp4-moderate-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-noderestriction: + ocp4-moderate-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-scc: + ocp4-moderate-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-securitycontextdeny: + ocp4-moderate-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-admission-control-plugin-service-account: + ocp4-moderate-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-anonymous-auth: + ocp4-moderate-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-flowschema-catch-all: + ocp4-moderate-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-api-priority-gate-enabled: + ocp4-moderate-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-audit-log-maxbackup: + ocp4-moderate-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-maxsize: + ocp4-moderate-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-audit-log-path: + ocp4-moderate-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-no-aa: + ocp4-moderate-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-node: + ocp4-moderate-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-auth-mode-rbac: + ocp4-moderate-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-basic-auth: + ocp4-moderate-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-bind-address: + ocp4-moderate-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-client-ca: + ocp4-moderate-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-encryption-provider-cipher: + ocp4-moderate-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-etcd-ca: + ocp4-moderate-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-cert: + ocp4-moderate-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-etcd-key: + ocp4-moderate-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-https-for-kubelet-conn: + ocp4-moderate-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-bind-address: + ocp4-moderate-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-insecure-port: + ocp4-moderate-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-certificate-authority: + ocp4-moderate-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert: + ocp4-moderate-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-cert-pre-4-9: + ocp4-moderate-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-kubelet-client-key: + ocp4-moderate-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-kubelet-client-key-pre-4-9: + ocp4-moderate-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-api-server-no-adm-ctrl-plugins-disabled: + ocp4-moderate-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-oauth-https-serving-cert: + ocp4-moderate-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-openshift-https-serving-cert: + ocp4-moderate-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-profiling-protected-by-rbac: + ocp4-moderate-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-request-timeout: + ocp4-moderate-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-lookup: + ocp4-moderate-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-service-account-public-key: + ocp4-moderate-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cert: + ocp4-moderate-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-cipher-suites: + ocp4-moderate-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-private-key: + ocp4-moderate-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile: + ocp4-moderate-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-token-auth: + ocp4-moderate-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-error-alert-exists: + ocp4-moderate-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-enabled: + ocp4-moderate-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-uses-tls: + ocp4-moderate-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-moderate-audit-log-forwarding-webhook: + ocp4-moderate-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-audit-logging-enabled: + ocp4-moderate-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-audit-profile-set: + ocp4-moderate-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-banner-or-login-template-set: + ocp4-moderate-banner-or-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-moderate-cluster-version-operator-exists: + ocp4-moderate-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-version-operator-verify-integrity: + ocp4-moderate-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-moderate-cluster-wide-proxy-set: + ocp4-moderate-cluster-wide-proxy-set: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-compliance-notification-enabled: + ocp4-moderate-compliance-notification-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies: + ocp4-moderate-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-moderate-configure-network-policies-hypershift-hosted: + ocp4-moderate-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-configure-network-policies-namespaces: + ocp4-moderate-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-insecure-port-disabled: + ocp4-moderate-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-rotate-kubelet-server-certs: + ocp4-moderate-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-controller-secure-port: + ocp4-moderate-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-ca: + ocp4-moderate-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-service-account-private-key: + ocp4-moderate-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-controller-use-service-account: + ocp4-moderate-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-moderate-default-ingress-ca-replaced: + ocp4-moderate-default-ingress-ca-replaced: default_result: FAIL result_after_remediation: PASS - e2e-moderate-etcd-auto-tls: + ocp4-moderate-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-cert-file: + ocp4-moderate-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-client-cert-auth: + ocp4-moderate-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-key-file: + ocp4-moderate-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-auto-tls: + ocp4-moderate-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-cert-file: + ocp4-moderate-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-client-cert-auth: + ocp4-moderate-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-etcd-peer-key-file: + ocp4-moderate-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-file-groupowner-proxy-kubeconfig: + ocp4-moderate-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-integrity-exists: + ocp4-moderate-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-integrity-notification-enabled: + ocp4-moderate-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-file-owner-proxy-kubeconfig: + ocp4-moderate-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-file-permissions-proxy-kubeconfig: + ocp4-moderate-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-fips-mode-enabled-on-all-nodes: + ocp4-moderate-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-moderate-general-apply-scc: + ocp4-moderate-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-configure-imagepolicywebhook: + ocp4-moderate-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-namespace-use: + ocp4-moderate-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-default-seccomp-profile: + ocp4-moderate-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-general-namespaces-in-use: + ocp4-moderate-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-idp-is-configured: + ocp4-moderate-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-certificate: + ocp4-moderate-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ingress-controller-tls-security-profile: + ocp4-moderate-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubeadmin-removed: + ocp4-moderate-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-kubelet-configure-tls-cert: + ocp4-moderate-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-configure-tls-cert-pre-4-9: + ocp4-moderate-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-kubelet-configure-tls-key: + ocp4-moderate-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-kubelet-disable-readonly-port: + ocp4-moderate-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-inactivity-timeout: + ocp4-moderate-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-oauth-or-oauthclient-token-maxage: + ocp4-moderate-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-ocp-allowed-registries: + ocp4-moderate-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-allowed-registries-for-import: + ocp4-moderate-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-ocp-api-server-audit-log-maxbackup: + ocp4-moderate-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-api-server-audit-log-maxsize: + ocp4-moderate-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-idp-no-htpasswd: + ocp4-moderate-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-allowed-registries-for-import: + ocp4-moderate-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-insecure-registries: + ocp4-moderate-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-moderate-ocp-no-ldap-insecure: + ocp4-moderate-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-api-server-audit-log-path: + ocp4-moderate-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-moderate-openshift-motd-exists: + ocp4-moderate-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-moderate-rbac-debug-role-protects-pprof: + ocp4-moderate-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-moderate-rbac-least-privilege: + ocp4-moderate-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-cluster-admin: + ocp4-moderate-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-limit-secrets-access: + ocp4-moderate-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-pod-creation-access: + ocp4-moderate-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-rbac-wildcard-use: + ocp4-moderate-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-resource-requests-limits-in-daemonset: + ocp4-moderate-resource-requests-limits-in-daemonset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-deployment: + ocp4-moderate-resource-requests-limits-in-deployment: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-limits-in-statefulset: + ocp4-moderate-resource-requests-limits-in-statefulset: default_result: PASS result_after_remediation: PASS - e2e-moderate-resource-requests-quota: + ocp4-moderate-resource-requests-quota: default_result: PASS result_after_remediation: PASS - e2e-moderate-route-ip-whitelist: + ocp4-moderate-route-ip-whitelist: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-protected-by-tls: + ocp4-moderate-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-moderate-routes-rate-limit: + ocp4-moderate-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-moderate-scansettingbinding-exists: + ocp4-moderate-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-drop-container-capabilities: + ocp4-moderate-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-container-allowed-capabilities: + ocp4-moderate-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-moderate-scc-limit-ipc-namespace: + ocp4-moderate-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-net-raw-capability: + ocp4-moderate-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-network-namespace: + ocp4-moderate-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privilege-escalation: + ocp4-moderate-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-privileged-containers: + ocp4-moderate-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-process-id-namespace: + ocp4-moderate-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scc-limit-root-containers: + ocp4-moderate-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-scheduler-profiling-protected-by-rbac: + ocp4-moderate-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-scheduler-service-protected-by-rbac: + ocp4-moderate-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-moderate-secrets-consider-external-storage: + ocp4-moderate-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-secrets-no-environment-variables: + ocp4-moderate-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-moderate-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-custom-min-tls-version: + ocp4-moderate-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-api-server-tls-security-profile-not-old: + ocp4-moderate-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml index 86c63c709b6f..38920bfc61ec 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.12.yml @@ -1,739 +1,739 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: default_result: INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml index cd0f6e324b70..5d38ba276240 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.13.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml index 7b396b434f05..c5ea44e457e9 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.14.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml index 7b396b434f05..c5ea44e457e9 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.15.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml index 7b396b434f05..c5ea44e457e9 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.16.yml @@ -1,720 +1,720 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml index c35877839fba..c63bcaa7bc38 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.17.yml @@ -1,739 +1,739 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml b/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml index c35877839fba..c63bcaa7bc38 100644 --- a/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-moderate-node-4.18.yml @@ -1,739 +1,739 @@ rule_results: - e2e-moderate-node-master-directory-access-var-log-kube-audit: + ocp4-moderate-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-oauth-audit: + ocp4-moderate-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-access-var-log-ocp-audit: + ocp4-moderate-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-etcd-unique-ca: + ocp4-moderate-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-cni-conf: + ocp4-moderate-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-dir: + ocp4-moderate-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-data-files: + ocp4-moderate-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-member: + ocp4-moderate-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ip-allocations: + ocp4-moderate-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-kube-apiserver: + ocp4-moderate-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-controller-manager: + ocp4-moderate-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kube-scheduler: + ocp4-moderate-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-kubelet-conf: + ocp4-moderate-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-multus-conf: + ocp4-moderate-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovn-db-files: + ocp4-moderate-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-pid: + ocp4-moderate-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-ca: + ocp4-moderate-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-worker-service: + ocp4-moderate-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-cni-conf: + ocp4-moderate-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-dir: + ocp4-moderate-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-data-files: + ocp4-moderate-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-member: + ocp4-moderate-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ip-allocations: + ocp4-moderate-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-kube-apiserver: + ocp4-moderate-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-controller-manager: + ocp4-moderate-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kube-scheduler: + ocp4-moderate-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet: + ocp4-moderate-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-kubelet-conf: + ocp4-moderate-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-multus-conf: + ocp4-moderate-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-pki-key-files: + ocp4-moderate-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovn-db-files: + ocp4-moderate-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db: + ocp4-moderate-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-pid: + ocp4-moderate-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-ovsdb-server-pid: + ocp4-moderate-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-ca: + ocp4-moderate-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-kubeconfig: + ocp4-moderate-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-owner-worker-service: + ocp4-moderate-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-kube-audit: + ocp4-moderate-node-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-cni-conf: + ocp4-moderate-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-dir: + ocp4-moderate-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-data-files: + ocp4-moderate-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-member: + ocp4-moderate-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ip-allocations: + ocp4-moderate-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-file-permissions-kube-apiserver: + ocp4-moderate-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kube-controller-manager: + ocp4-moderate-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet: + ocp4-moderate-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-kubelet-conf: + ocp4-moderate-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-multus-conf: + ocp4-moderate-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovn-db-files: + ocp4-moderate-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db: + ocp4-moderate-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-pid: + ocp4-moderate-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler: + ocp4-moderate-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-kube-audit: + ocp4-moderate-node-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-ca: + ocp4-moderate-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-kubeconfig: + ocp4-moderate-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-permissions-worker-service: + ocp4-moderate-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-master-kubelet-anonymous-auth: + ocp4-moderate-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-authorization-mode: + ocp4-moderate-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-client-ca: + ocp4-moderate-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-event-creation: + ocp4-moderate-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-configure-tls-min-version: + ocp4-moderate-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-enable-streaming-connections: + ocp4-moderate-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-master-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-master-reject-unsigned-images-by-default: + ocp4-moderate-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-worker-directory-access-var-log-kube-audit: + ocp4-moderate-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-access-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-etcd-unique-ca: + ocp4-moderate-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-cni-conf: + ocp4-moderate-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-dir: + ocp4-moderate-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-data-files: + ocp4-moderate-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-member: + ocp4-moderate-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ip-allocations: + ocp4-moderate-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-apiserver: + ocp4-moderate-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-controller-manager: + ocp4-moderate-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kube-scheduler: + ocp4-moderate-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-kubelet-conf: + ocp4-moderate-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-multus-conf: + ocp4-moderate-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovn-db-files: + ocp4-moderate-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-worker-ca: + ocp4-moderate-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-kubeconfig: + ocp4-moderate-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-groupowner-worker-service: + ocp4-moderate-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-cni-conf: + ocp4-moderate-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-dir: + ocp4-moderate-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-data-files: + ocp4-moderate-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-member: + ocp4-moderate-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ip-allocations: + ocp4-moderate-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-apiserver: + ocp4-moderate-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-controller-manager: + ocp4-moderate-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kube-scheduler: + ocp4-moderate-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-kubelet: + ocp4-moderate-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-kubelet-conf: + ocp4-moderate-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-multus-conf: + ocp4-moderate-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-pki-key-files: + ocp4-moderate-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovn-db-files: + ocp4-moderate-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db: + ocp4-moderate-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-pid: + ocp4-moderate-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-ovsdb-server-pid: + ocp4-moderate-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-owner-worker-ca: + ocp4-moderate-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-kubeconfig: + ocp4-moderate-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-owner-worker-service: + ocp4-moderate-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-ownership-var-log-kube-audit: + ocp4-moderate-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-oauth-audit: + ocp4-moderate-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-ownership-var-log-ocp-audit: + ocp4-moderate-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-cni-conf: + ocp4-moderate-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-moderate-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-dir: + ocp4-moderate-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-data-files: + ocp4-moderate-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-member: + ocp4-moderate-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ip-allocations: + ocp4-moderate-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-apiserver: + ocp4-moderate-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kube-controller-manager: + ocp4-moderate-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-kubelet: + ocp4-moderate-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-kubelet-conf: + ocp4-moderate-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-moderate-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-multus-conf: + ocp4-moderate-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-openshift-pki-key-files: + ocp4-moderate-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-moderate-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovn-db-files: + ocp4-moderate-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-moderate-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-pid: + ocp4-moderate-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-moderate-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-moderate-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-ovsdb-server-pid: + ocp4-moderate-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-scheduler: + ocp4-moderate-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-moderate-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-kube-audit: + ocp4-moderate-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-oauth-audit: + ocp4-moderate-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-var-log-ocp-audit: + ocp4-moderate-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-file-permissions-worker-ca: + ocp4-moderate-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-kubeconfig: + ocp4-moderate-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-permissions-worker-service: + ocp4-moderate-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-moderate-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-node-worker-kubelet-anonymous-auth: + ocp4-moderate-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-authorization-mode: + ocp4-moderate-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-client-ca: + ocp4-moderate-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-event-creation: + ocp4-moderate-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-moderate-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-configure-tls-min-version: + ocp4-moderate-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-client-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-iptables-util-chains: + ocp4-moderate-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-moderate-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-server-cert-rotation: + ocp4-moderate-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-enable-streaming-connections: + ocp4-moderate-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-moderate-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-moderate-node-worker-partition-for-var-log-kube-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-moderate-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-node-worker-reject-unsigned-images-by-default: + ocp4-moderate-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-moderate-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.12.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.13.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.14.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.15.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.16.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.17.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml index 80db049b6156..7faae2998b0d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4-0-4.18.yml @@ -1,364 +1,364 @@ rule_results: - e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: + ocp4-pci-dss-4-0-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-accounts-unique-service-account: + ocp4-pci-dss-4-0-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-acs-sensor-exists: + ocp4-pci-dss-4-0-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-alert-receiver-configured: + ocp4-pci-dss-4-0-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-4-0-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-anonymous-auth: + ocp4-pci-dss-4-0-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-audit-log-path: + ocp4-pci-dss-4-0-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-no-aa: + ocp4-pci-dss-4-0-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-auth-mode-rbac: + ocp4-pci-dss-4-0-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-basic-auth: + ocp4-pci-dss-4-0-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-bind-address: + ocp4-pci-dss-4-0-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-client-ca: + ocp4-pci-dss-4-0-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-encryption-provider-cipher: + ocp4-pci-dss-4-0-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-ca: + ocp4-pci-dss-4-0-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-cert: + ocp4-pci-dss-4-0-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-etcd-key: + ocp4-pci-dss-4-0-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: + ocp4-pci-dss-4-0-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-insecure-bind-address: + ocp4-pci-dss-4-0-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: + ocp4-pci-dss-4-0-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-kubelet-client-key: + ocp4-pci-dss-4-0-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: + ocp4-pci-dss-4-0-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: + ocp4-pci-dss-4-0-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-request-timeout: + ocp4-pci-dss-4-0-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-lookup: + ocp4-pci-dss-4-0-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-service-account-public-key: + ocp4-pci-dss-4-0-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cert: + ocp4-pci-dss-4-0-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-cipher-suites: + ocp4-pci-dss-4-0-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-private-key: + ocp4-pci-dss-4-0-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile: + ocp4-pci-dss-4-0-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-token-auth: + ocp4-pci-dss-4-0-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-error-alert-exists: + ocp4-pci-dss-4-0-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-log-forwarding-enabled: + ocp4-pci-dss-4-0-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-audit-log-forwarding-webhook: + ocp4-pci-dss-4-0-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-audit-logging-enabled: + ocp4-pci-dss-4-0-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-audit-profile-set: + ocp4-pci-dss-4-0-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies: + ocp4-pci-dss-4-0-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-4-0-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-configure-network-policies-namespaces: + ocp4-pci-dss-4-0-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-container-security-operator-exists: + ocp4-pci-dss-4-0-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-controller-insecure-port-disabled: + ocp4-pci-dss-4-0-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-secure-port: + ocp4-pci-dss-4-0-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-ca: + ocp4-pci-dss-4-0-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-service-account-private-key: + ocp4-pci-dss-4-0-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-controller-use-service-account: + ocp4-pci-dss-4-0-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-auto-tls: + ocp4-pci-dss-4-0-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-cert-file: + ocp4-pci-dss-4-0-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-client-cert-auth: + ocp4-pci-dss-4-0-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-key-file: + ocp4-pci-dss-4-0-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-auto-tls: + ocp4-pci-dss-4-0-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-cert-file: + ocp4-pci-dss-4-0-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-client-cert-auth: + ocp4-pci-dss-4-0-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-etcd-peer-key-file: + ocp4-pci-dss-4-0-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-exists: + ocp4-pci-dss-4-0-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-integrity-notification-enabled: + ocp4-pci-dss-4-0-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-4-0-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-4-0-general-apply-scc: + ocp4-pci-dss-4-0-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-namespace-use: + ocp4-pci-dss-4-0-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-default-seccomp-profile: + ocp4-pci-dss-4-0-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-general-namespaces-in-use: + ocp4-pci-dss-4-0-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-idp-is-configured: + ocp4-pci-dss-4-0-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-certificate: + ocp4-pci-dss-4-0-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-security-profile: + ocp4-pci-dss-4-0-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubeadmin-removed: + ocp4-pci-dss-4-0-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-kubelet-configure-tls-cert: + ocp4-pci-dss-4-0-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-4-0-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-configure-tls-key: + ocp4-pci-dss-4-0-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-kubelet-disable-readonly-port: + ocp4-pci-dss-4-0-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-machine-volume-encrypted: + ocp4-pci-dss-4-0-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-allowed-registries: + ocp4-pci-dss-4-0-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-4-0-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-idp-no-htpasswd: + ocp4-pci-dss-4-0-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-insecure-registries: + ocp4-pci-dss-4-0-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ocp-no-ldap-insecure: + ocp4-pci-dss-4-0-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-openshift-api-server-audit-log-path: + ocp4-pci-dss-4-0-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-cluster-roles-defined: + ocp4-pci-dss-4-0-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: + ocp4-pci-dss-4-0-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-least-privilege: + ocp4-pci-dss-4-0-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-cluster-admin: + ocp4-pci-dss-4-0-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-limit-secrets-access: + ocp4-pci-dss-4-0-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-pod-creation-access: + ocp4-pci-dss-4-0-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-rbac-roles-defined: + ocp4-pci-dss-4-0-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-rbac-wildcard-use: + ocp4-pci-dss-4-0-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-routes-protected-by-tls: + ocp4-pci-dss-4-0-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scansettingbinding-exists: + ocp4-pci-dss-4-0-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-drop-container-capabilities: + ocp4-pci-dss-4-0-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-4-0-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scc-limit-ipc-namespace: + ocp4-pci-dss-4-0-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-net-raw-capability: + ocp4-pci-dss-4-0-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-network-namespace: + ocp4-pci-dss-4-0-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privilege-escalation: + ocp4-pci-dss-4-0-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-privileged-containers: + ocp4-pci-dss-4-0-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-process-id-namespace: + ocp4-pci-dss-4-0-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scc-limit-root-containers: + ocp4-pci-dss-4-0-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: + ocp4-pci-dss-4-0-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-secrets-consider-external-storage: + ocp4-pci-dss-4-0-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-secrets-no-environment-variables: + ocp4-pci-dss-4-0-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-4-0-security-profiles-operator-exists: + ocp4-pci-dss-4-0-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-4-0-storageclass-encryption-enabled: + ocp4-pci-dss-4-0-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-apiserver: + ocp4-pci-dss-4-0-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-tls-version-check-router: + ocp4-pci-dss-4-0-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-4-0-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-api-server-tls-security-profile-not-old: + ocp4-pci-dss-4-0-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-4-0-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-4-0-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml index 7f99f8893993..9ab26b3e4d3d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.12.yml @@ -1,379 +1,379 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml index 135641108c07..d9cd21bfa079 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.13.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml index 135641108c07..d9cd21bfa079 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.14.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml index 135641108c07..d9cd21bfa079 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.15.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml index 135641108c07..d9cd21bfa079 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.16.yml @@ -1,378 +1,378 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml index 7f99f8893993..9ab26b3e4d3d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.17.yml @@ -1,379 +1,379 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml index 7f99f8893993..9ab26b3e4d3d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-4.18.yml @@ -1,379 +1,379 @@ rule_results: - e2e-pci-dss-accounts-restrict-service-account-tokens: + ocp4-pci-dss-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-accounts-unique-service-account: + ocp4-pci-dss-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-admission-control-plugin-alwaysadmit: + ocp4-pci-dss-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-alwayspullimages: + ocp4-pci-dss-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-namespacelifecycle: + ocp4-pci-dss-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-noderestriction: + ocp4-pci-dss-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-scc: + ocp4-pci-dss-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-admission-control-plugin-service-account: + ocp4-pci-dss-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-anonymous-auth: + ocp4-pci-dss-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-api-priority-gate-enabled: + ocp4-pci-dss-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-audit-log-maxbackup: + ocp4-pci-dss-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-maxsize: + ocp4-pci-dss-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-audit-log-path: + ocp4-pci-dss-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-no-aa: + ocp4-pci-dss-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-auth-mode-rbac: + ocp4-pci-dss-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-basic-auth: + ocp4-pci-dss-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-bind-address: + ocp4-pci-dss-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-client-ca: + ocp4-pci-dss-api-server-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-encryption-provider-cipher: + ocp4-pci-dss-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-ca: + ocp4-pci-dss-api-server-etcd-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-cert: + ocp4-pci-dss-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-etcd-key: + ocp4-pci-dss-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-https-for-kubelet-conn: + ocp4-pci-dss-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-bind-address: + ocp4-pci-dss-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-insecure-port: + ocp4-pci-dss-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-certificate-authority: + ocp4-pci-dss-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert: + ocp4-pci-dss-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-cert-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-kubelet-client-key: + ocp4-pci-dss-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-kubelet-client-key-pre-4-9: + ocp4-pci-dss-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-api-server-oauth-https-serving-cert: + ocp4-pci-dss-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-openshift-https-serving-cert: + ocp4-pci-dss-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-profiling-protected-by-rbac: + ocp4-pci-dss-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-request-timeout: + ocp4-pci-dss-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-lookup: + ocp4-pci-dss-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-service-account-public-key: + ocp4-pci-dss-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cert: + ocp4-pci-dss-api-server-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-cipher-suites: + ocp4-pci-dss-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-private-key: + ocp4-pci-dss-api-server-tls-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-token-auth: + ocp4-pci-dss-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-log-forwarding-enabled: + ocp4-pci-dss-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-audit-log-forwarding-webhook: + ocp4-pci-dss-audit-log-forwarding-webhook: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-audit-logging-enabled: + ocp4-pci-dss-audit-logging-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-profile-set: + ocp4-pci-dss-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-configure-network-policies: + ocp4-pci-dss-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-configure-network-policies-hypershift-hosted: + ocp4-pci-dss-configure-network-policies-hypershift-hosted: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-configure-network-policies-namespaces: + ocp4-pci-dss-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-insecure-port-disabled: + ocp4-pci-dss-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-secure-port: + ocp4-pci-dss-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-ca: + ocp4-pci-dss-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-service-account-private-key: + ocp4-pci-dss-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-controller-use-service-account: + ocp4-pci-dss-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-auto-tls: + ocp4-pci-dss-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-cert-file: + ocp4-pci-dss-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-check-cipher-suite: + ocp4-pci-dss-etcd-check-cipher-suite: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-client-cert-auth: + ocp4-pci-dss-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-key-file: + ocp4-pci-dss-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-auto-tls: + ocp4-pci-dss-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-cert-file: + ocp4-pci-dss-etcd-peer-cert-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-client-cert-auth: + ocp4-pci-dss-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-etcd-peer-key-file: + ocp4-pci-dss-etcd-peer-key-file: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-file-groupowner-proxy-kubeconfig: + ocp4-pci-dss-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-integrity-exists: + ocp4-pci-dss-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-integrity-notification-enabled: + ocp4-pci-dss-file-integrity-notification-enabled: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-file-owner-proxy-kubeconfig: + ocp4-pci-dss-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-file-permissions-proxy-kubeconfig: + ocp4-pci-dss-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-general-apply-scc: + ocp4-pci-dss-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-namespace-use: + ocp4-pci-dss-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-default-seccomp-profile: + ocp4-pci-dss-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-general-namespaces-in-use: + ocp4-pci-dss-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-idp-is-configured: + ocp4-pci-dss-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-kubeadmin-removed: + ocp4-pci-dss-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-kubelet-configure-tls-cert: + ocp4-pci-dss-kubelet-configure-tls-cert: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cert-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-configure-tls-key: + ocp4-pci-dss-kubelet-configure-tls-key: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-key-pre-4-9: + ocp4-pci-dss-kubelet-configure-tls-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-kubelet-disable-readonly-port: + ocp4-pci-dss-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-machine-volume-encrypted: + ocp4-pci-dss-machine-volume-encrypted: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-allowed-registries: + ocp4-pci-dss-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-allowed-registries-for-import: + ocp4-pci-dss-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-ocp-api-server-audit-log-maxbackup: + ocp4-pci-dss-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-api-server-audit-log-maxsize: + ocp4-pci-dss-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-allowed-registries-for-import: + ocp4-pci-dss-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-insecure-registries: + ocp4-pci-dss-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ocp-no-ldap-insecure: + ocp4-pci-dss-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-openshift-api-server-audit-log-path: + ocp4-pci-dss-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-cluster-roles-defined: + ocp4-pci-dss-rbac-cluster-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-debug-role-protects-pprof: + ocp4-pci-dss-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-least-privilege: + ocp4-pci-dss-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-cluster-admin: + ocp4-pci-dss-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-limit-secrets-access: + ocp4-pci-dss-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-pod-creation-access: + ocp4-pci-dss-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-rbac-roles-defined: + ocp4-pci-dss-rbac-roles-defined: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-rbac-wildcard-use: + ocp4-pci-dss-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-routes-protected-by-tls: + ocp4-pci-dss-routes-protected-by-tls: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scansettingbinding-exists: + ocp4-pci-dss-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-drop-container-capabilities: + ocp4-pci-dss-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-container-allowed-capabilities: + ocp4-pci-dss-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scc-limit-ipc-namespace: + ocp4-pci-dss-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-net-raw-capability: + ocp4-pci-dss-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-network-namespace: + ocp4-pci-dss-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privilege-escalation: + ocp4-pci-dss-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-privileged-containers: + ocp4-pci-dss-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-process-id-namespace: + ocp4-pci-dss-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scc-limit-root-containers: + ocp4-pci-dss-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-scheduler-profiling-protected-by-rbac: + ocp4-pci-dss-scheduler-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-scheduler-service-protected-by-rbac: + ocp4-pci-dss-scheduler-service-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-secrets-consider-external-storage: + ocp4-pci-dss-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-secrets-no-environment-variables: + ocp4-pci-dss-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-storageclass-encryption-enabled: + ocp4-pci-dss-storageclass-encryption-enabled: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-apiserver: + ocp4-pci-dss-tls-version-check-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-tls-version-check-router: + ocp4-pci-dss-tls-version-check-router: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-acs-sensor-exists: + ocp4-pci-dss-acs-sensor-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-alert-receiver-configured: + ocp4-pci-dss-alert-receiver-configured: default_result: MANUAL result_after_remediation: MANUAL - e2e-pci-dss-api-server-tls-security-profile: + ocp4-pci-dss-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-audit-error-alert-exists: + ocp4-pci-dss-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-container-security-operator-exists: + ocp4-pci-dss-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-certificate: + ocp4-pci-dss-ingress-controller-certificate: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-security-profile: + ocp4-pci-dss-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: + ocp4-pci-dss-kubelet-configure-tls-cipher-suites-ingresscontroller: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-oauth-or-oauthclient-inactivity-timeout: + ocp4-pci-dss-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-ocp-idp-no-htpasswd: + ocp4-pci-dss-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-security-profiles-operator-exists: + ocp4-pci-dss-security-profiles-operator-exists: default_result: FAIL result_after_remediation: PASS or NOT-APPLICABLE - e2e-pci-dss-api-server-tls-security-profile-custom-min-tls-version: + ocp4-pci-dss-api-server-tls-security-profile-custom-min-tls-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-api-server-tls-security-profile-not-old: + ocp4-pci-dss-api-server-tls-security-profile-not-old: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-ingress-controller-tls-cipher-suites: + ocp4-pci-dss-ingress-controller-tls-cipher-suites: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml index 53a127b2d0d0..cdecd71d5d12 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.12.yml @@ -1,704 +1,704 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml index 53a127b2d0d0..cdecd71d5d12 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.13.yml @@ -1,704 +1,704 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml index 5a4d2709203d..91eab0629b9b 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.14.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml index 5a4d2709203d..91eab0629b9b 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.15.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml index 5a4d2709203d..91eab0629b9b 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.16.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml index 5a4d2709203d..91eab0629b9b 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.17.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml index 5a4d2709203d..91eab0629b9b 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4-0-4.18.yml @@ -1,703 +1,703 @@ rule_results: - e2e-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-directory-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-etcd-unique-ca: + ocp4-pci-dss-node-4-0-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-owner-worker-service: + ocp4-pci-dss-node-4-0-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-ownership-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-kube-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-oauth-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-master-file-permissions-var-log-ocp-audit: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-master-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-etcd-unique-ca: + ocp4-pci-dss-node-4-0-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-4-0-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-kubelet: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-owner-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-owner-worker-service: + ocp4-pci-dss-node-4-0-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-4-0-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-4-0-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-4-0-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-4-0-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-4-0-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-permissions-worker-service: + ocp4-pci-dss-node-4-0-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-4-0-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-4-0-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-4-0-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-4-0-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-4-0-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-4-0-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-4-0-worker-tls-version-check-masters-workers: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-4-0-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml index 2b28b76d1bec..99b50b83bed3 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.12.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml index 22cda3563e98..3ab131a0aae7 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.13.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml index 31460596ff60..4b47133cdd12 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.14.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml index 31460596ff60..4b47133cdd12 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.15.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml index 31460596ff60..4b47133cdd12 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.16.yml @@ -1,498 +1,498 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: # nodes get INCONSISTENT because of https://bugzilla.redhat.com/show_bug.cgi?id=2001442 default_result: PASS or INCONSISTENT - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml index f2fd6457104d..8f0d2551872d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.17.yml @@ -1,497 +1,497 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml b/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml index f2fd6457104d..8f0d2551872d 100644 --- a/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-pci-dss-node-4.18.yml @@ -1,497 +1,497 @@ rule_results: - e2e-pci-dss-node-master-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-etcd-unique-ca: + ocp4-pci-dss-node-master-etcd-unique-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-cni-conf: + ocp4-pci-dss-node-master-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-member: + ocp4-pci-dss-node-master-file-groupowner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ip-allocations: + ocp4-pci-dss-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-master-file-groupowner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-master-file-groupowner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-master-file-groupowner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-master-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-multus-conf: + ocp4-pci-dss-node-master-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-ca: + ocp4-pci-dss-node-master-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-groupowner-worker-service: + ocp4-pci-dss-node-master-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-owner-cni-conf: + ocp4-pci-dss-node-master-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-dir: + ocp4-pci-dss-node-master-file-owner-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-data-files: + ocp4-pci-dss-node-master-file-owner-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-member: + ocp4-pci-dss-node-master-file-owner-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ip-allocations: + ocp4-pci-dss-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-kube-apiserver: + ocp4-pci-dss-node-master-file-owner-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-controller-manager: + ocp4-pci-dss-node-master-file-owner-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-owner-kube-scheduler: + ocp4-pci-dss-node-master-file-owner-kube-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet: + ocp4-pci-dss-node-master-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-master-file-owner-kubelet-conf: + ocp4-pci-dss-node-master-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-owner-multus-conf: + ocp4-pci-dss-node-master-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-owner-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovn-db-files: + ocp4-pci-dss-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-pid: + ocp4-pci-dss-node-master-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-owner-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-ca: + ocp4-pci-dss-node-master-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-master-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-owner-worker-service: + ocp4-pci-dss-node-master-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-ownership-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-cni-conf: + ocp4-pci-dss-node-master-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-master-file-permissions-etcd-data-dir: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-data-files: + ocp4-pci-dss-node-master-file-permissions-etcd-data-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-member: + ocp4-pci-dss-node-master-file-permissions-etcd-member: default_result: PASS - e2e-pci-dss-node-master-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ip-allocations: + ocp4-pci-dss-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-file-permissions-kube-apiserver: + ocp4-pci-dss-node-master-file-permissions-kube-apiserver: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-master-file-permissions-kube-controller-manager: default_result: PASS - e2e-pci-dss-node-master-file-permissions-kubelet-conf: + ocp4-pci-dss-node-master-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS - e2e-pci-dss-node-master-file-permissions-multus-conf: + ocp4-pci-dss-node-master-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-master-file-permissions-openshift-pki-key-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovn-db-files: + ocp4-pci-dss-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-master-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler: + ocp4-pci-dss-node-master-file-permissions-scheduler: default_result: PASS - e2e-pci-dss-node-master-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-kube-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-oauth-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-master-file-permissions-var-log-ocp-audit: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-ca: + ocp4-pci-dss-node-master-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-master-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-master-file-permissions-worker-service: + ocp4-pci-dss-node-master-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-master-kubelet-anonymous-auth: + ocp4-pci-dss-node-master-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-master-kubelet-authorization-mode: + ocp4-pci-dss-node-master-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-client-ca: + ocp4-pci-dss-node-master-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-event-creation: + ocp4-pci-dss-node-master-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-master-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-master-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-master-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-master-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-master-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-master-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-master-tls-version-check-masters-workers: + ocp4-pci-dss-node-master-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-worker-directory-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-etcd-unique-ca: + ocp4-pci-dss-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-cni-conf: + ocp4-pci-dss-node-worker-file-groupowner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-data-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-member: + ocp4-pci-dss-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ip-allocations: + ocp4-pci-dss-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-apiserver: + ocp4-pci-dss-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kube-scheduler: + ocp4-pci-dss-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-kubelet-conf: + ocp4-pci-dss-node-worker-file-groupowner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-multus-conf: + ocp4-pci-dss-node-worker-file-groupowner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovn-db-files: + ocp4-pci-dss-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-worker-ca: + ocp4-pci-dss-node-worker-file-groupowner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-groupowner-worker-service: + ocp4-pci-dss-node-worker-file-groupowner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-owner-cni-conf: + ocp4-pci-dss-node-worker-file-owner-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-dir: + ocp4-pci-dss-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-data-files: + ocp4-pci-dss-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-member: + ocp4-pci-dss-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ip-allocations: + ocp4-pci-dss-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-apiserver: + ocp4-pci-dss-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-controller-manager: + ocp4-pci-dss-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kube-scheduler: + ocp4-pci-dss-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-kubelet: + ocp4-pci-dss-node-worker-file-owner-kubelet: default_result: PASS - e2e-pci-dss-node-worker-file-owner-kubelet-conf: + ocp4-pci-dss-node-worker-file-owner-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-multus-conf: + ocp4-pci-dss-node-worker-file-owner-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovn-db-files: + ocp4-pci-dss-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-owner-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-owner-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-owner-worker-ca: + ocp4-pci-dss-node-worker-file-owner-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-owner-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-owner-worker-service: + ocp4-pci-dss-node-worker-file-owner-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-ownership-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-ownership-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-ownership-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-cni-conf: + ocp4-pci-dss-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-dir: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-data-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-member: + ocp4-pci-dss-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ip-allocations: + ocp4-pci-dss-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-apiserver: + ocp4-pci-dss-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kube-controller-manager: + ocp4-pci-dss-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-kubelet-conf: + ocp4-pci-dss-node-worker-file-permissions-kubelet-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-pci-dss-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-multus-conf: + ocp4-pci-dss-node-worker-file-permissions-multus-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-openshift-pki-key-files: + ocp4-pci-dss-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-pci-dss-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovn-db-files: + ocp4-pci-dss-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-pci-dss-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-pci-dss-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-pci-dss-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-ovsdb-server-pid: + ocp4-pci-dss-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-scheduler: + ocp4-pci-dss-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-kube-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-kube-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-oauth-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-oauth-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-var-log-ocp-audit: + ocp4-pci-dss-node-worker-file-permissions-var-log-ocp-audit: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-file-permissions-worker-ca: + ocp4-pci-dss-node-worker-file-permissions-worker-ca: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-kubeconfig: + ocp4-pci-dss-node-worker-file-permissions-worker-kubeconfig: default_result: PASS - e2e-pci-dss-node-worker-file-permissions-worker-service: + ocp4-pci-dss-node-worker-file-permissions-worker-service: default_result: PASS - e2e-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-pci-dss-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-anonymous-auth: + ocp4-pci-dss-node-worker-kubelet-anonymous-auth: default_result: PASS - e2e-pci-dss-node-worker-kubelet-authorization-mode: + ocp4-pci-dss-node-worker-kubelet-authorization-mode: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-client-ca: + ocp4-pci-dss-node-worker-kubelet-configure-client-ca: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-event-creation: + ocp4-pci-dss-node-worker-kubelet-configure-event-creation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-pci-dss-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-client-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-iptables-util-chains: + ocp4-pci-dss-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-server-cert-rotation: + ocp4-pci-dss-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS - e2e-pci-dss-node-worker-kubelet-enable-streaming-connections: + ocp4-pci-dss-node-worker-kubelet-enable-streaming-connections: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS - e2e-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-pci-dss-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS - e2e-pci-dss-node-worker-partition-for-var-log-kube-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-kube-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-oauth-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: + ocp4-pci-dss-node-worker-partition-for-var-log-openshift-apiserver: default_result: MANUAL - e2e-pci-dss-node-worker-tls-version-check-masters-workers: + ocp4-pci-dss-node-worker-tls-version-check-masters-workers: default_result: PASS - e2e-pci-dss-node-master-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-master-directory-access-var-log-kube-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-master-directory-access-var-log-oauth-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-master-directory-access-var-log-ocp-audit: default_result: FAIL result_after_remediation: PASS - e2e-pci-dss-node-master-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-worker-directory-access-var-log-kube-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-kube-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-oauth-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-oauth-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-directory-access-var-log-ocp-audit: + ocp4-pci-dss-node-worker-directory-access-var-log-ocp-audit: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-pci-dss-node-worker-kubelet-configure-tls-min-version: + ocp4-pci-dss-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-pci-dss-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-4.12.yml b/tests/assertions/ocp4/ocp4-stig-4.12.yml index d6cb96424255..b4b47f4fecac 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.12.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.12.yml @@ -1,369 +1,369 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.13.yml b/tests/assertions/ocp4/ocp4-stig-4.13.yml index c9a741c04ab9..ccb97b66ed6f 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.13.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.13.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.14.yml b/tests/assertions/ocp4/ocp4-stig-4.14.yml index 071323dc774d..02965c32ae87 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.14.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.14.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.15.yml b/tests/assertions/ocp4/ocp4-stig-4.15.yml index 071323dc774d..02965c32ae87 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.15.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.15.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.16.yml b/tests/assertions/ocp4/ocp4-stig-4.16.yml index 071323dc774d..02965c32ae87 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.16.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.16.yml @@ -1,368 +1,368 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.17.yml b/tests/assertions/ocp4/ocp4-stig-4.17.yml index 31297aa26e35..297056a33cde 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.17.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.17.yml @@ -1,369 +1,369 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-4.18.yml b/tests/assertions/ocp4/ocp4-stig-4.18.yml index 31297aa26e35..297056a33cde 100644 --- a/tests/assertions/ocp4/ocp4-stig-4.18.yml +++ b/tests/assertions/ocp4/ocp4-stig-4.18.yml @@ -1,369 +1,369 @@ rule_results: - e2e-stig-accounts-restrict-service-account-tokens: + ocp4-stig-accounts-restrict-service-account-tokens: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-accounts-unique-service-account: + ocp4-stig-accounts-unique-service-account: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-api-server-admission-control-plugin-alwaysadmit: + ocp4-stig-api-server-admission-control-plugin-alwaysadmit: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-alwayspullimages: + ocp4-stig-api-server-admission-control-plugin-alwayspullimages: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-namespacelifecycle: + ocp4-stig-api-server-admission-control-plugin-namespacelifecycle: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-noderestriction: + ocp4-stig-api-server-admission-control-plugin-noderestriction: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-scc: + ocp4-stig-api-server-admission-control-plugin-scc: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-securitycontextdeny: + ocp4-stig-api-server-admission-control-plugin-securitycontextdeny: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-admission-control-plugin-service-account: + ocp4-stig-api-server-admission-control-plugin-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-anonymous-auth: + ocp4-stig-api-server-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-flowschema-catch-all: + ocp4-stig-api-server-api-priority-flowschema-catch-all: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-api-priority-gate-enabled: + ocp4-stig-api-server-api-priority-gate-enabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-audit-log-maxbackup: + ocp4-stig-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-maxsize: + ocp4-stig-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-audit-log-path: + ocp4-stig-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-no-aa: + ocp4-stig-api-server-auth-mode-no-aa: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-node: + ocp4-stig-api-server-auth-mode-node: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-auth-mode-rbac: + ocp4-stig-api-server-auth-mode-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-basic-auth: + ocp4-stig-api-server-basic-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-bind-address: + ocp4-stig-api-server-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-encryption-provider-cipher: + ocp4-stig-api-server-encryption-provider-cipher: default_result: FAIL result_after_remediation: PASS - e2e-stig-api-server-etcd-cert: + ocp4-stig-api-server-etcd-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-etcd-key: + ocp4-stig-api-server-etcd-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-https-for-kubelet-conn: + ocp4-stig-api-server-https-for-kubelet-conn: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-bind-address: + ocp4-stig-api-server-insecure-bind-address: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-insecure-port: + ocp4-stig-api-server-insecure-port: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-certificate-authority: + ocp4-stig-api-server-kubelet-certificate-authority: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-kubelet-client-cert: + ocp4-stig-api-server-kubelet-client-cert: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-cert-pre-4-9: + ocp4-stig-api-server-kubelet-client-cert-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key: + ocp4-stig-api-server-kubelet-client-key: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-kubelet-client-key-pre-4-9: + ocp4-stig-api-server-kubelet-client-key-pre-4-9: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-api-server-no-adm-ctrl-plugins-disabled: + ocp4-stig-api-server-no-adm-ctrl-plugins-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-oauth-https-serving-cert: + ocp4-stig-api-server-oauth-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-openshift-https-serving-cert: + ocp4-stig-api-server-openshift-https-serving-cert: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-profiling-protected-by-rbac: + ocp4-stig-api-server-profiling-protected-by-rbac: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-request-timeout: + ocp4-stig-api-server-request-timeout: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-lookup: + ocp4-stig-api-server-service-account-lookup: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-service-account-public-key: + ocp4-stig-api-server-service-account-public-key: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-cipher-suites: + ocp4-stig-api-server-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-tls-security-profile: + ocp4-stig-api-server-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-api-server-token-auth: + ocp4-stig-api-server-token-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-error-alert-exists: + ocp4-stig-audit-error-alert-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-audit-log-forwarding-enabled: + ocp4-stig-audit-log-forwarding-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-log-forwarding-uses-tls: + ocp4-stig-audit-log-forwarding-uses-tls: default_result: FAIL result_after_remediation: PASS - e2e-stig-audit-profile-set: + ocp4-stig-audit-profile-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-classification-banner: + ocp4-stig-classification-banner: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-logging-operator-exist: + ocp4-stig-cluster-logging-operator-exist: default_result: FAIL result_after_remediation: PASS - e2e-stig-cluster-version-operator-exists: + ocp4-stig-cluster-version-operator-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-cluster-version-operator-verify-integrity: + ocp4-stig-cluster-version-operator-verify-integrity: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies: + ocp4-stig-configure-network-policies: default_result: PASS result_after_remediation: PASS - e2e-stig-configure-network-policies-namespaces: + ocp4-stig-configure-network-policies-namespaces: default_result: PASS result_after_remediation: PASS - e2e-stig-container-security-operator-exists: + ocp4-stig-container-security-operator-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-controller-insecure-port-disabled: + ocp4-stig-controller-insecure-port-disabled: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-rotate-kubelet-server-certs: + ocp4-stig-controller-rotate-kubelet-server-certs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-controller-secure-port: + ocp4-stig-controller-secure-port: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-ca: + ocp4-stig-controller-service-account-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-service-account-private-key: + ocp4-stig-controller-service-account-private-key: default_result: PASS result_after_remediation: PASS - e2e-stig-controller-use-service-account: + ocp4-stig-controller-use-service-account: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-auto-tls: + ocp4-stig-etcd-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-cert-file: + ocp4-stig-etcd-cert-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-client-cert-auth: + ocp4-stig-etcd-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-key-file: + ocp4-stig-etcd-key-file: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-auto-tls: + ocp4-stig-etcd-peer-auto-tls: default_result: PASS result_after_remediation: PASS - e2e-stig-etcd-peer-client-cert-auth: + ocp4-stig-etcd-peer-client-cert-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-file-groupowner-proxy-kubeconfig: + ocp4-stig-file-groupowner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-integrity-exists: + ocp4-stig-file-integrity-exists: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-file-owner-proxy-kubeconfig: + ocp4-stig-file-owner-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-file-permissions-proxy-kubeconfig: + ocp4-stig-file-permissions-proxy-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-fips-mode-enabled-on-all-nodes: + ocp4-stig-fips-mode-enabled-on-all-nodes: default_result: PASS result_after_remediation: PASS - e2e-stig-general-apply-scc: + ocp4-stig-general-apply-scc: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-configure-imagepolicywebhook: + ocp4-stig-general-configure-imagepolicywebhook: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-namespace-use: + ocp4-stig-general-default-namespace-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-default-seccomp-profile: + ocp4-stig-general-default-seccomp-profile: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-general-namespaces-in-use: + ocp4-stig-general-namespaces-in-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-idp-is-configured: + ocp4-stig-idp-is-configured: default_result: FAIL result_after_remediation: PASS - e2e-stig-image-pruner-active: + ocp4-stig-image-pruner-active: default_result: PASS result_after_remediation: PASS - e2e-stig-imagestream-sets-schedule: + ocp4-stig-imagestream-sets-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-ingress-controller-tls-security-profile: + ocp4-stig-ingress-controller-tls-security-profile: default_result: PASS result_after_remediation: PASS - e2e-stig-kubeadmin-removed: + ocp4-stig-kubeadmin-removed: default_result: FAIL result_after_remediation: FAIL - e2e-stig-kubelet-disable-readonly-port: + ocp4-stig-kubelet-disable-readonly-port: default_result: PASS result_after_remediation: PASS - e2e-stig-oauth-login-template-set: + ocp4-stig-oauth-login-template-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-logout-url-set: + ocp4-stig-oauth-logout-url-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-inactivity-timeout: + ocp4-stig-oauth-or-oauthclient-inactivity-timeout: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-or-oauthclient-token-maxage: + ocp4-stig-oauth-or-oauthclient-token-maxage: default_result: FAIL result_after_remediation: PASS - e2e-stig-oauth-provider-selection-set: + ocp4-stig-oauth-provider-selection-set: default_result: FAIL result_after_remediation: PASS - e2e-stig-ocp-allowed-registries: + ocp4-stig-ocp-allowed-registries: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-allowed-registries-for-import: + ocp4-stig-ocp-allowed-registries-for-import: default_result: FAIL result_after_remediation: FAIL - e2e-stig-ocp-api-server-audit-log-maxbackup: + ocp4-stig-ocp-api-server-audit-log-maxbackup: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-api-server-audit-log-maxsize: + ocp4-stig-ocp-api-server-audit-log-maxsize: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-idp-no-htpasswd: + ocp4-stig-ocp-idp-no-htpasswd: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-allowed-registries-for-import: + ocp4-stig-ocp-insecure-allowed-registries-for-import: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-insecure-registries: + ocp4-stig-ocp-insecure-registries: default_result: PASS result_after_remediation: PASS - e2e-stig-ocp-no-ldap-insecure: + ocp4-stig-ocp-no-ldap-insecure: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-api-server-audit-log-path: + ocp4-stig-openshift-api-server-audit-log-path: default_result: PASS result_after_remediation: PASS - e2e-stig-openshift-motd-exists: + ocp4-stig-openshift-motd-exists: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-network-policy: + ocp4-stig-project-config-and-template-network-policy: default_result: FAIL result_after_remediation: PASS - e2e-stig-project-config-and-template-resource-quota: + ocp4-stig-project-config-and-template-resource-quota: default_result: FAIL result_after_remediation: PASS - e2e-stig-rbac-debug-role-protects-pprof: + ocp4-stig-rbac-debug-role-protects-pprof: default_result: PASS result_after_remediation: PASS - e2e-stig-rbac-least-privilege: + ocp4-stig-rbac-least-privilege: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-cluster-admin: + ocp4-stig-rbac-limit-cluster-admin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-limit-secrets-access: + ocp4-stig-rbac-limit-secrets-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-del: + ocp4-stig-rbac-logging-del: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-mod: + ocp4-stig-rbac-logging-mod: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-logging-view: + ocp4-stig-rbac-logging-view: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-pod-creation-access: + ocp4-stig-rbac-pod-creation-access: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-rbac-wildcard-use: + ocp4-stig-rbac-wildcard-use: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-resource-requests-quota-per-project: + ocp4-stig-resource-requests-quota-per-project: default_result: PASS - e2e-stig-routes-rate-limit: + ocp4-stig-routes-rate-limit: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettingbinding-exists: + ocp4-stig-scansettingbinding-exists: default_result: PASS result_after_remediation: PASS - e2e-stig-scansettings-have-schedule: + ocp4-stig-scansettings-have-schedule: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-drop-container-capabilities: + ocp4-stig-scc-drop-container-capabilities: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-container-allowed-capabilities: + ocp4-stig-scc-limit-container-allowed-capabilities: default_result: PASS result_after_remediation: PASS - e2e-stig-scc-limit-host-dir-volume-plugin: + ocp4-stig-scc-limit-host-dir-volume-plugin: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-host-ports: + ocp4-stig-scc-limit-host-ports: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-ipc-namespace: + ocp4-stig-scc-limit-ipc-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-net-raw-capability: + ocp4-stig-scc-limit-net-raw-capability: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-network-namespace: + ocp4-stig-scc-limit-network-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privilege-escalation: + ocp4-stig-scc-limit-privilege-escalation: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-privileged-containers: + ocp4-stig-scc-limit-privileged-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-process-id-namespace: + ocp4-stig-scc-limit-process-id-namespace: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-scc-limit-root-containers: + ocp4-stig-scc-limit-root-containers: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-consider-external-storage: + ocp4-stig-secrets-consider-external-storage: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-secrets-no-environment-variables: + ocp4-stig-secrets-no-environment-variables: default_result: MANUAL result_after_remediation: MANUAL diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.12.yml b/tests/assertions/ocp4/ocp4-stig-node-4.12.yml index 2e18d4c650a1..9ff91624361f 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.12.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.12.yml @@ -1,655 +1,655 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: FAIL result_after_remediation: FAIL - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.13.yml b/tests/assertions/ocp4/ocp4-stig-node-4.13.yml index a0706fae8250..2ec0748024a8 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.13.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.13.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: FAIL - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: FAIL - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.14.yml b/tests/assertions/ocp4/ocp4-stig-node-4.14.yml index 1772d69360e5..21d7e4cd241f 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.14.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.14.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.15.yml b/tests/assertions/ocp4/ocp4-stig-node-4.15.yml index 1772d69360e5..21d7e4cd241f 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.15.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.15.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.16.yml b/tests/assertions/ocp4/ocp4-stig-node-4.16.yml index 1772d69360e5..21d7e4cd241f 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.16.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.16.yml @@ -1,641 +1,641 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.17.yml b/tests/assertions/ocp4/ocp4-stig-node-4.17.yml index 7fd94e81450e..eed9860a9863 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.17.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.17.yml @@ -1,655 +1,655 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/ocp4-stig-node-4.18.yml b/tests/assertions/ocp4/ocp4-stig-node-4.18.yml index 8d54ac2dcfe3..569888ddec52 100644 --- a/tests/assertions/ocp4/ocp4-stig-node-4.18.yml +++ b/tests/assertions/ocp4/ocp4-stig-node-4.18.yml @@ -1,655 +1,655 @@ rule_results: - e2e-stig-node-master-etcd-unique-ca: + ocp4-stig-node-master-etcd-unique-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-cni-conf: + ocp4-stig-node-master-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-groupowner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-dir: + ocp4-stig-node-master-file-groupowner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-data-files: + ocp4-stig-node-master-file-groupowner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-member: + ocp4-stig-node-master-file-groupowner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-master-file-groupowner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ip-allocations: + ocp4-stig-node-master-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-kube-apiserver: + ocp4-stig-node-master-file-groupowner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-controller-manager: + ocp4-stig-node-master-file-groupowner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kube-scheduler: + ocp4-stig-node-master-file-groupowner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-kubelet-conf: + ocp4-stig-node-master-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-groupowner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-multus-conf: + ocp4-stig-node-master-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-master-file-groupowner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-master-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovn-db-files: + ocp4-stig-node-master-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-pid: + ocp4-stig-node-master-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-master-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-master-file-groupowner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-ca: + ocp4-stig-node-master-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-kubeconfig: + ocp4-stig-node-master-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-worker-service: + ocp4-stig-node-master-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-cni-conf: + ocp4-stig-node-master-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-master-file-owner-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-dir: + ocp4-stig-node-master-file-owner-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-data-files: + ocp4-stig-node-master-file-owner-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-member: + ocp4-stig-node-master-file-owner-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-etcd-pki-cert-files: + ocp4-stig-node-master-file-owner-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-master-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ip-allocations: + ocp4-stig-node-master-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-kube-apiserver: + ocp4-stig-node-master-file-owner-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-controller-manager: + ocp4-stig-node-master-file-owner-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kube-scheduler: + ocp4-stig-node-master-file-owner-kube-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet: + ocp4-stig-node-master-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-kubelet-conf: + ocp4-stig-node-master-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-master-file-owner-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-multus-conf: + ocp4-stig-node-master-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-cert-files: + ocp4-stig-node-master-file-owner-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-pki-key-files: + ocp4-stig-node-master-file-owner-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-owner-ovn-cni-server-sock: + ocp4-stig-node-master-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovn-db-files: + ocp4-stig-node-master-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db: + ocp4-stig-node-master-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-conf-db-lock: + ocp4-stig-node-master-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-pid: + ocp4-stig-node-master-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-sys-id-conf: + ocp4-stig-node-master-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-master-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-ovsdb-server-pid: + ocp4-stig-node-master-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-scheduler-kubeconfig: + ocp4-stig-node-master-file-owner-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-ca: + ocp4-stig-node-master-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-kubeconfig: + ocp4-stig-node-master-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-owner-worker-service: + ocp4-stig-node-master-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-cni-conf: + ocp4-stig-node-master-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-master-file-permissions-controller-manager-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-dir: + ocp4-stig-node-master-file-permissions-etcd-data-dir: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-data-files: + ocp4-stig-node-master-file-permissions-etcd-data-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-member: + ocp4-stig-node-master-file-permissions-etcd-member: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-master-file-permissions-etcd-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ip-allocations: + ocp4-stig-node-master-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-file-permissions-kube-apiserver: + ocp4-stig-node-master-file-permissions-kube-apiserver: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kube-controller-manager: + ocp4-stig-node-master-file-permissions-kube-controller-manager: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet: + ocp4-stig-node-master-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-kubelet-conf: + ocp4-stig-node-master-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-master-file-permissions-master-admin-kubeconfigs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-multus-conf: + ocp4-stig-node-master-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-master-file-permissions-openshift-pki-cert-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-openshift-pki-key-files: + ocp4-stig-node-master-file-permissions-openshift-pki-key-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-master-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovn-db-files: + ocp4-stig-node-master-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db: + ocp4-stig-node-master-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-master-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-pid: + ocp4-stig-node-master-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-master-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-master-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-ovsdb-server-pid: + ocp4-stig-node-master-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler: + ocp4-stig-node-master-file-permissions-scheduler: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-master-file-permissions-scheduler-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-ca: + ocp4-stig-node-master-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-kubeconfig: + ocp4-stig-node-master-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-permissions-worker-service: + ocp4-stig-node-master-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-master-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-master-kubelet-anonymous-auth: + ocp4-stig-node-master-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-authorization-mode: + ocp4-stig-node-master-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-client-ca: + ocp4-stig-node-master-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-event-creation: + ocp4-stig-node-master-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-master-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-configure-tls-min-version: + ocp4-stig-node-master-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-cert-rotation: + ocp4-stig-node-master-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-client-cert-rotation: + ocp4-stig-node-master-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-iptables-util-chains: + ocp4-stig-node-master-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-master-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-master-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-server-cert-rotation: + ocp4-stig-node-master-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-enable-streaming-connections: + ocp4-stig-node-master-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-master-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-master-reject-unsigned-images-by-default: + ocp4-stig-node-master-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-worker-etcd-unique-ca: + ocp4-stig-node-worker-etcd-unique-ca: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-cni-conf: + ocp4-stig-node-worker-file-groupowner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-groupowner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-dir: + ocp4-stig-node-worker-file-groupowner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-data-files: + ocp4-stig-node-worker-file-groupowner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-member: + ocp4-stig-node-worker-file-groupowner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ip-allocations: + ocp4-stig-node-worker-file-groupowner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-apiserver: + ocp4-stig-node-worker-file-groupowner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-controller-manager: + ocp4-stig-node-worker-file-groupowner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kube-scheduler: + ocp4-stig-node-worker-file-groupowner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-kubelet-conf: + ocp4-stig-node-worker-file-groupowner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-groupowner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-multus-conf: + ocp4-stig-node-worker-file-groupowner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-pki-key-files: + ocp4-stig-node-worker-file-groupowner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-groupowner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-groupowner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovn-db-files: + ocp4-stig-node-worker-file-groupowner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-pid: + ocp4-stig-node-worker-file-groupowner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-groupowner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-ovsdb-server-pid: + ocp4-stig-node-worker-file-groupowner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-groupowner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-worker-ca: + ocp4-stig-node-worker-file-groupowner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-kubeconfig: + ocp4-stig-node-worker-file-groupowner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-groupowner-worker-service: + ocp4-stig-node-worker-file-groupowner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-cni-conf: + ocp4-stig-node-worker-file-owner-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-owner-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-dir: + ocp4-stig-node-worker-file-owner-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-data-files: + ocp4-stig-node-worker-file-owner-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-member: + ocp4-stig-node-worker-file-owner-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-etcd-pki-cert-files: + ocp4-stig-node-worker-file-owner-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-groupowner-permissions-pod-logs: + ocp4-stig-node-worker-file-owner-groupowner-permissions-pod-logs: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ip-allocations: + ocp4-stig-node-worker-file-owner-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-apiserver: + ocp4-stig-node-worker-file-owner-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-controller-manager: + ocp4-stig-node-worker-file-owner-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kube-scheduler: + ocp4-stig-node-worker-file-owner-kube-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-kubelet: + ocp4-stig-node-worker-file-owner-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-kubelet-conf: + ocp4-stig-node-worker-file-owner-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-owner-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-multus-conf: + ocp4-stig-node-worker-file-owner-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-openshift-pki-cert-files: + ocp4-stig-node-worker-file-owner-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-pki-key-files: + ocp4-stig-node-worker-file-owner-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-owner-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-ovn-cni-server-sock: + ocp4-stig-node-worker-file-owner-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovn-db-files: + ocp4-stig-node-worker-file-owner-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db: + ocp4-stig-node-worker-file-owner-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-conf-db-lock: + ocp4-stig-node-worker-file-owner-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-pid: + ocp4-stig-node-worker-file-owner-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-sys-id-conf: + ocp4-stig-node-worker-file-owner-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-owner-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-ovsdb-server-pid: + ocp4-stig-node-worker-file-owner-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-scheduler-kubeconfig: + ocp4-stig-node-worker-file-owner-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-owner-worker-ca: + ocp4-stig-node-worker-file-owner-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-kubeconfig: + ocp4-stig-node-worker-file-owner-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-owner-worker-service: + ocp4-stig-node-worker-file-owner-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-cni-conf: + ocp4-stig-node-worker-file-permissions-cni-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-controller-manager-kubeconfig: + ocp4-stig-node-worker-file-permissions-controller-manager-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-dir: + ocp4-stig-node-worker-file-permissions-etcd-data-dir: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-data-files: + ocp4-stig-node-worker-file-permissions-etcd-data-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-member: + ocp4-stig-node-worker-file-permissions-etcd-member: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-etcd-pki-cert-files: + ocp4-stig-node-worker-file-permissions-etcd-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ip-allocations: + ocp4-stig-node-worker-file-permissions-ip-allocations: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-apiserver: + ocp4-stig-node-worker-file-permissions-kube-apiserver: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kube-controller-manager: + ocp4-stig-node-worker-file-permissions-kube-controller-manager: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-kubelet: + ocp4-stig-node-worker-file-permissions-kubelet: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-kubelet-conf: + ocp4-stig-node-worker-file-permissions-kubelet-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-master-admin-kubeconfigs: + ocp4-stig-node-worker-file-permissions-master-admin-kubeconfigs: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-multus-conf: + ocp4-stig-node-worker-file-permissions-multus-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-openshift-pki-cert-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-cert-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-openshift-pki-key-files: + ocp4-stig-node-worker-file-permissions-openshift-pki-key-files: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-ovn-cni-server-sock: + ocp4-stig-node-worker-file-permissions-ovn-cni-server-sock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovn-db-files: + ocp4-stig-node-worker-file-permissions-ovn-db-files: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db: + ocp4-stig-node-worker-file-permissions-ovs-conf-db: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-conf-db-lock: + ocp4-stig-node-worker-file-permissions-ovs-conf-db-lock: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-pid: + ocp4-stig-node-worker-file-permissions-ovs-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-sys-id-conf: + ocp4-stig-node-worker-file-permissions-ovs-sys-id-conf: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovs-vswitchd-pid: + ocp4-stig-node-worker-file-permissions-ovs-vswitchd-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-ovsdb-server-pid: + ocp4-stig-node-worker-file-permissions-ovsdb-server-pid: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-scheduler: + ocp4-stig-node-worker-file-permissions-scheduler: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-scheduler-kubeconfig: + ocp4-stig-node-worker-file-permissions-scheduler-kubeconfig: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-file-permissions-worker-ca: + ocp4-stig-node-worker-file-permissions-worker-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-kubeconfig: + ocp4-stig-node-worker-file-permissions-worker-kubeconfig: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-permissions-worker-service: + ocp4-stig-node-worker-file-permissions-worker-service: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-file-perms-openshift-sdn-cniserver-config: + ocp4-stig-node-worker-file-perms-openshift-sdn-cniserver-config: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-stig-node-worker-kubelet-anonymous-auth: + ocp4-stig-node-worker-kubelet-anonymous-auth: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-authorization-mode: + ocp4-stig-node-worker-kubelet-authorization-mode: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-client-ca: + ocp4-stig-node-worker-kubelet-configure-client-ca: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-event-creation: + ocp4-stig-node-worker-kubelet-configure-event-creation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-cipher-suites: + ocp4-stig-node-worker-kubelet-configure-tls-cipher-suites: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-configure-tls-min-version: + ocp4-stig-node-worker-kubelet-configure-tls-min-version: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-client-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-client-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-iptables-util-chains: + ocp4-stig-node-worker-kubelet-enable-iptables-util-chains: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-defaults: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-defaults: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-protect-kernel-sysctl: + ocp4-stig-node-worker-kubelet-enable-protect-kernel-sysctl: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-server-cert-rotation: + ocp4-stig-node-worker-kubelet-enable-server-cert-rotation: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-enable-streaming-connections: + ocp4-stig-node-worker-kubelet-enable-streaming-connections: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-imagefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-memory-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-available: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: + ocp4-stig-node-worker-kubelet-eviction-thresholds-set-hard-nodefs-inodesfree: default_result: PASS result_after_remediation: PASS - e2e-stig-node-worker-reject-unsigned-images-by-default: + ocp4-stig-node-worker-reject-unsigned-images-by-default: default_result: FAIL result_after_remediation: PASS - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-master-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-conf-db-lock-openvswitch: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-hugetlbfs: default_result: PASS or NOT-APPLICABLE - e2e-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: + ocp4-stig-node-worker-file-groupowner-ovs-sys-id-conf-openvswitch: default_result: PASS or NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-e8-4.12.yml b/tests/assertions/ocp4/rhcos4-e8-4.12.yml index 744e425f0108..77e545062861 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.12.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.13.yml b/tests/assertions/ocp4/rhcos4-e8-4.13.yml index 551df8b0137c..8132c55fde80 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.13.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.14.yml b/tests/assertions/ocp4/rhcos4-e8-4.14.yml index 551df8b0137c..8132c55fde80 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.14.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.15.yml b/tests/assertions/ocp4/rhcos4-e8-4.15.yml index 551df8b0137c..8132c55fde80 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.15.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.16.yml b/tests/assertions/ocp4/rhcos4-e8-4.16.yml index 551df8b0137c..8132c55fde80 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.16.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.17.yml b/tests/assertions/ocp4/rhcos4-e8-4.17.yml index 551df8b0137c..8132c55fde80 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.17.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-e8-4.18.yml b/tests/assertions/ocp4/rhcos4-e8-4.18.yml index 551df8b0137c..8132c55fde80 100644 --- a/tests/assertions/ocp4/rhcos4-e8-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-e8-4.18.yml @@ -1,301 +1,301 @@ rule_results: - e2e-e8-master-accounts-no-uid-except-zero: + rhcos4-e8-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-master-audit-rules-dac-modification-chmod: + rhcos4-e8-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-dac-modification-chown: + rhcos4-e8-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-execution-chcon: + rhcos4-e8-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-restorecon: + rhcos4-e8-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-semanage: + rhcos4-e8-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setfiles: + rhcos4-e8-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-setsebool: + rhcos4-e8-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-execution-seunshare: + rhcos4-e8-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-delete: + rhcos4-e8-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-finit: + rhcos4-e8-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-kernel-module-loading-init: + rhcos4-e8-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events: + rhcos4-e8-master-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-faillock: + rhcos4-e8-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-lastlog: + rhcos4-e8-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-login-events-tallylog: + rhcos4-e8-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-networkconfig-modification: + rhcos4-e8-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-sysadmin-actions: + rhcos4-e8-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-adjtimex: + rhcos4-e8-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-clock-settime: + rhcos4-e8-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-settimeofday: + rhcos4-e8-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-time-stime: + rhcos4-e8-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-master-audit-rules-time-watch-localtime: + rhcos4-e8-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-audit-rules-usergroup-modification: + rhcos4-e8-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-data-retention-flush: + rhcos4-e8-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-freq: + rhcos4-e8-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-local-events: + rhcos4-e8-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-log-format: + rhcos4-e8-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-master-auditd-name-format: + rhcos4-e8-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-auditd-write-logs: + rhcos4-e8-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-master-configure-crypto-policy: + rhcos4-e8-master-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-configure-ssh-crypto-policy: + rhcos4-e8-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-master-no-empty-passwords: + rhcos4-e8-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-selinux-policytype: + rhcos4-e8-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-master-selinux-state: + rhcos4-e8-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sshd-disable-empty-passwords: + rhcos4-e8-master-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-gssapi-auth: + rhcos4-e8-master-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-rhosts: + rhcos4-e8-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-root-login: + rhcos4-e8-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-disable-user-known-hosts: + rhcos4-e8-master-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-do-not-permit-user-env: + rhcos4-e8-master-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-enable-strictmodes: + rhcos4-e8-master-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-print-last-log: + rhcos4-e8-master-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sshd-set-loglevel-info: + rhcos4-e8-master-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-dmesg-restrict: + rhcos4-e8-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-kptr-restrict: + rhcos4-e8-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-randomize-va-space: + rhcos4-e8-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-master-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-accounts-no-uid-except-zero: + rhcos4-e8-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-audit-rules-dac-modification-chmod: + rhcos4-e8-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-dac-modification-chown: + rhcos4-e8-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-execution-chcon: + rhcos4-e8-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-restorecon: + rhcos4-e8-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-semanage: + rhcos4-e8-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setfiles: + rhcos4-e8-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-setsebool: + rhcos4-e8-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-execution-seunshare: + rhcos4-e8-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-delete: + rhcos4-e8-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-finit: + rhcos4-e8-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-kernel-module-loading-init: + rhcos4-e8-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events: + rhcos4-e8-worker-audit-rules-login-events: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-faillock: + rhcos4-e8-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-lastlog: + rhcos4-e8-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-login-events-tallylog: + rhcos4-e8-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-networkconfig-modification: + rhcos4-e8-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-sysadmin-actions: + rhcos4-e8-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-adjtimex: + rhcos4-e8-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-clock-settime: + rhcos4-e8-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-settimeofday: + rhcos4-e8-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-time-stime: + rhcos4-e8-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-e8-worker-audit-rules-time-watch-localtime: + rhcos4-e8-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-audit-rules-usergroup-modification: + rhcos4-e8-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-data-retention-flush: + rhcos4-e8-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-freq: + rhcos4-e8-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-local-events: + rhcos4-e8-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-log-format: + rhcos4-e8-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-auditd-name-format: + rhcos4-e8-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-auditd-write-logs: + rhcos4-e8-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-configure-crypto-policy: + rhcos4-e8-worker-configure-crypto-policy: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-configure-ssh-crypto-policy: + rhcos4-e8-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-no-empty-passwords: + rhcos4-e8-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-selinux-policytype: + rhcos4-e8-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-selinux-state: + rhcos4-e8-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sshd-disable-empty-passwords: + rhcos4-e8-worker-sshd-disable-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-gssapi-auth: + rhcos4-e8-worker-sshd-disable-gssapi-auth: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-rhosts: + rhcos4-e8-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-root-login: + rhcos4-e8-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-disable-user-known-hosts: + rhcos4-e8-worker-sshd-disable-user-known-hosts: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-do-not-permit-user-env: + rhcos4-e8-worker-sshd-do-not-permit-user-env: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-enable-strictmodes: + rhcos4-e8-worker-sshd-enable-strictmodes: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-print-last-log: + rhcos4-e8-worker-sshd-print-last-log: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sshd-set-loglevel-info: + rhcos4-e8-worker-sshd-set-loglevel-info: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-dmesg-restrict: + rhcos4-e8-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-kptr-restrict: + rhcos4-e8-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-randomize-va-space: + rhcos4-e8-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-e8-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-e8-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-e8-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-e8-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-high-4.12.yml b/tests/assertions/ocp4/rhcos4-high-4.12.yml index ed2c3b9d2ff8..174a72dd80a5 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.12.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.13.yml b/tests/assertions/ocp4/rhcos4-high-4.13.yml index 833838d0ef81..9337adb9ce30 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.13.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.14.yml b/tests/assertions/ocp4/rhcos4-high-4.14.yml index 833838d0ef81..9337adb9ce30 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.14.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.15.yml b/tests/assertions/ocp4/rhcos4-high-4.15.yml index 0ac8ddb3bcc0..ef953f011ece 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.15.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.16.yml b/tests/assertions/ocp4/rhcos4-high-4.16.yml index 910d90fbed27..7428aea41f17 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.16.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.17.yml b/tests/assertions/ocp4/rhcos4-high-4.17.yml index 1bc14ec48976..703bee737000 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.17.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.18.yml b/tests/assertions/ocp4/rhcos4-high-4.18.yml index 1bc14ec48976..703bee737000 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.18.yml @@ -1,1449 +1,1449 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-high-4.2.yml b/tests/assertions/ocp4/rhcos4-high-4.2.yml index 88c5a7ffec49..835bac7eaf4a 100644 --- a/tests/assertions/ocp4/rhcos4-high-4.2.yml +++ b/tests/assertions/ocp4/rhcos4-high-4.2.yml @@ -1,1453 +1,1453 @@ rule_results: - e2e-high-master-accounts-no-uid-except-zero: + rhcos4-high-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-chmod: + rhcos4-high-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-chown: + rhcos4-high-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-fchmod: + rhcos4-high-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchmodat: + rhcos4-high-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchown: + rhcos4-high-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fchownat: + rhcos4-high-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fremovexattr: + rhcos4-high-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-fsetxattr: + rhcos4-high-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lchown: + rhcos4-high-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-dac-modification-lremovexattr: + rhcos4-high-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-lsetxattr: + rhcos4-high-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-removexattr: + rhcos4-high-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-dac-modification-setxattr: + rhcos4-high-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-open: + rhcos4-high-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-group-openat: + rhcos4-high-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-open: + rhcos4-high-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-gshadow-openat: + rhcos4-high-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-open: + rhcos4-high-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-passwd-openat: + rhcos4-high-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-open: + rhcos4-high-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-etc-shadow-openat: + rhcos4-high-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-chcon: + rhcos4-high-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-restorecon: + rhcos4-high-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-semanage: + rhcos4-high-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setfiles: + rhcos4-high-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-setsebool: + rhcos4-high-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-execution-seunshare: + rhcos4-high-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rename: + rhcos4-high-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-renameat: + rhcos4-high-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-file-deletion-events-rmdir: + rhcos4-high-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlink: + rhcos4-high-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-immutable: + rhcos4-high-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-delete: + rhcos4-high-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-finit: + rhcos4-high-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-kernel-module-loading-init: + rhcos4-high-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-faillock: + rhcos4-high-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-lastlog: + rhcos4-high-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-login-events-tallylog: + rhcos4-high-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-mac-modification: + rhcos4-high-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-media-export: + rhcos4-high-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-networkconfig-modification: + rhcos4-high-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-at: + rhcos4-high-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chage: + rhcos4-high-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-chsh: + rhcos4-high-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-crontab: + rhcos4-high-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-gpasswd: + rhcos4-high-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-mount: + rhcos4-high-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgidmap: + rhcos4-high-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newgrp: + rhcos4-high-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-newuidmap: + rhcos4-high-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-passwd: + rhcos4-high-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postdrop: + rhcos4-high-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-postqueue: + rhcos4-high-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-pt-chown: + rhcos4-high-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-su: + rhcos4-high-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudo: + rhcos4-high-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-sudoedit: + rhcos4-high-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-umount: + rhcos4-high-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-userhelper: + rhcos4-high-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-privileged-commands-usernetctl: + rhcos4-high-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-session-events: + rhcos4-high-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-sysadmin-actions: + rhcos4-high-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-adjtimex: + rhcos4-high-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-clock-settime: + rhcos4-high-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-settimeofday: + rhcos4-high-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-time-stime: + rhcos4-high-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-time-watch-localtime: + rhcos4-high-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-group: + rhcos4-high-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-gshadow: + rhcos4-high-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-opasswd: + rhcos4-high-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-passwd: + rhcos4-high-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-master-audit-rules-usergroup-modification-shadow: + rhcos4-high-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-error-action: + rhcos4-high-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-disk-full-action: + rhcos4-high-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-admin-space-left-action: + rhcos4-high-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-flush: + rhcos4-high-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file: + rhcos4-high-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-max-log-file-action: + rhcos4-high-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-num-logs: + rhcos4-high-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left: + rhcos4-high-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-data-retention-space-left-action: + rhcos4-high-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-freq: + rhcos4-high-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-local-events: + rhcos4-high-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-log-format: + rhcos4-high-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-master-auditd-name-format: + rhcos4-high-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-master-auditd-write-logs: + rhcos4-high-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-master-banner-etc-issue: + rhcos4-high-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-master-bios-disable-usb-boot: + rhcos4-high-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-chronyd-client-only: + rhcos4-high-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-no-chronyc-network: + rhcos4-high-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-crypto-policy: + rhcos4-high-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-kerberos-crypto-policy: + rhcos4-high-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-openssl-crypto-policy: + rhcos4-high-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-ssh-crypto-policy: + rhcos4-high-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-master-configure-usbguard-auditbackend: + rhcos4-high-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-master-coredump-disable-backtraces: + rhcos4-high-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coredump-disable-storage: + rhcos4-high-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-audit-option: + rhcos4-high-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-disable-interactive-boot: + rhcos4-high-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-enable-selinux-kernel-argument: + rhcos4-high-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-master-coreos-nousb-kernel-argument: + rhcos4-high-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-page-poison-kernel-argument: + rhcos4-high-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-pti-kernel-argument: + rhcos4-high-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-coreos-vsyscall-kernel-argument: + rhcos4-high-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-access-var-log-audit: + rhcos4-high-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-master-directory-permissions-var-log-audit: + rhcos4-high-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-burstaction: + rhcos4-high-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-ctrlaltdel-reboot: + rhcos4-high-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-master-disable-users-coredumps: + rhcos4-high-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-master-enable-fips-mode: + rhcos4-high-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-master-ensure-logrotate-activated: + rhcos4-high-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-master-file-groupowner-sshd-config: + rhcos4-high-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-owner-sshd-config: + rhcos4-high-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-ownership-var-log-audit: + rhcos4-high-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-config: + rhcos4-high-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-private-key: + rhcos4-high-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-sshd-pub-key: + rhcos4-high-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-master-file-permissions-var-log-audit: + rhcos4-high-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-master-kernel-module-atm-disabled: + rhcos4-high-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-bluetooth-disabled: + rhcos4-high-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-can-disabled: + rhcos4-high-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cfg80211-disabled: + rhcos4-high-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-cramfs-disabled: + rhcos4-high-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-firewire-core-disabled: + rhcos4-high-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-freevxfs-disabled: + rhcos4-high-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfs-disabled: + rhcos4-high-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-hfsplus-disabled: + rhcos4-high-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlmvm-disabled: + rhcos4-high-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-iwlwifi-disabled: + rhcos4-high-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-jffs2-disabled: + rhcos4-high-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-mac80211-disabled: + rhcos4-high-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-sctp-disabled: + rhcos4-high-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-squashfs-disabled: + rhcos4-high-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-tipc-disabled: + rhcos4-high-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-udf-disabled: + rhcos4-high-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-kernel-module-usb-storage-disabled: + rhcos4-high-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-direct-root-logins: + rhcos4-high-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-empty-passwords: + rhcos4-high-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-master-no-netrc-files: + rhcos4-high-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-shelllogin-for-systemaccounts: + rhcos4-high-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-master-no-tmux-in-shells: + rhcos4-high-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-master-package-audit-installed: + rhcos4-high-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-iptables-installed: + rhcos4-high-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-iptables-nft-installed: + rhcos4-high-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-package-sudo-installed: + rhcos4-high-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-master-package-usbguard-installed: + rhcos4-high-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-master-partition-for-var-log: + rhcos4-high-master-partition-for-var-log: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-partition-for-var-log-audit: + rhcos4-high-master-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-require-singleuser-auth: + rhcos4-high-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-policytype: + rhcos4-high-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-master-selinux-state: + rhcos4-high-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-auditd-enabled: + rhcos4-high-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-autofs-disabled: + rhcos4-high-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-master-service-bluetooth-disabled: + rhcos4-high-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-chronyd-or-ntpd-enabled: + rhcos4-high-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-master-service-debug-shell-disabled: + rhcos4-high-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-sshd-disabled: + rhcos4-high-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-service-systemd-coredump-disabled: + rhcos4-high-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-service-usbguard-enabled: + rhcos4-high-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-disable-rhosts: + rhcos4-high-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-limit-user-access: + rhcos4-high-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-master-sshd-set-idle-timeout: + rhcos4-high-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sshd-set-keepalive: + rhcos4-high-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-hardlinks: + rhcos4-high-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-fs-protected-symlinks: + rhcos4-high-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-core-pattern: + rhcos4-high-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-dmesg-restrict: + rhcos4-high-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kexec-load-disabled: + rhcos4-high-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-kptr-restrict: + rhcos4-high-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-kernel-perf-event-paranoid: + rhcos4-high-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-core-bpf-jit-harden: + rhcos4-high-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-master-usbguard-allow-hid-and-hub: + rhcos4-high-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-master-wireless-disable-in-bios: + rhcos4-high-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-master-wireless-disable-interfaces: + rhcos4-high-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-accounts-no-uid-except-zero: + rhcos4-high-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-chmod: + rhcos4-high-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-chown: + rhcos4-high-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-fchmod: + rhcos4-high-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchmodat: + rhcos4-high-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchown: + rhcos4-high-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fchownat: + rhcos4-high-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lchown: + rhcos4-high-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-high-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-high-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-removexattr: + rhcos4-high-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-dac-modification-setxattr: + rhcos4-high-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-open: + rhcos4-high-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-group-openat: + rhcos4-high-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-open: + rhcos4-high-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-gshadow-openat: + rhcos4-high-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-open: + rhcos4-high-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-passwd-openat: + rhcos4-high-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-open: + rhcos4-high-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-high-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-etc-shadow-openat: + rhcos4-high-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-chcon: + rhcos4-high-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-restorecon: + rhcos4-high-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-semanage: + rhcos4-high-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setfiles: + rhcos4-high-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-setsebool: + rhcos4-high-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-execution-seunshare: + rhcos4-high-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rename: + rhcos4-high-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-renameat: + rhcos4-high-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-high-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlink: + rhcos4-high-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-high-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-immutable: + rhcos4-high-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-delete: + rhcos4-high-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-finit: + rhcos4-high-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-kernel-module-loading-init: + rhcos4-high-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-faillock: + rhcos4-high-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-lastlog: + rhcos4-high-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-login-events-tallylog: + rhcos4-high-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-mac-modification: + rhcos4-high-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-media-export: + rhcos4-high-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-networkconfig-modification: + rhcos4-high-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-at: + rhcos4-high-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chage: + rhcos4-high-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-chsh: + rhcos4-high-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-crontab: + rhcos4-high-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-high-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-mount: + rhcos4-high-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newgrp: + rhcos4-high-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-high-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-high-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-passwd: + rhcos4-high-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postdrop: + rhcos4-high-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-postqueue: + rhcos4-high-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-high-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-high-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-su: + rhcos4-high-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudo: + rhcos4-high-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-high-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-umount: + rhcos4-high-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-high-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-userhelper: + rhcos4-high-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-high-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-session-events: + rhcos4-high-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-sysadmin-actions: + rhcos4-high-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-adjtimex: + rhcos4-high-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-clock-settime: + rhcos4-high-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-settimeofday: + rhcos4-high-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-time-stime: + rhcos4-high-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-time-watch-localtime: + rhcos4-high-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-high-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-group: + rhcos4-high-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-high-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-high-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-passwd: + rhcos4-high-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-audit-rules-usergroup-modification-shadow: + rhcos4-high-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-error-action: + rhcos4-high-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-disk-full-action: + rhcos4-high-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-admin-space-left-action: + rhcos4-high-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-flush: + rhcos4-high-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file: + rhcos4-high-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-max-log-file-action: + rhcos4-high-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-num-logs: + rhcos4-high-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left: + rhcos4-high-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-data-retention-space-left-action: + rhcos4-high-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-freq: + rhcos4-high-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-local-events: + rhcos4-high-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-log-format: + rhcos4-high-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-high-worker-auditd-name-format: + rhcos4-high-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-auditd-write-logs: + rhcos4-high-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-high-worker-banner-etc-issue: + rhcos4-high-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-bios-disable-usb-boot: + rhcos4-high-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-chronyd-client-only: + rhcos4-high-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-no-chronyc-network: + rhcos4-high-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-high-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-high-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-high-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-crypto-policy: + rhcos4-high-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-kerberos-crypto-policy: + rhcos4-high-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-openssl-crypto-policy: + rhcos4-high-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-ssh-crypto-policy: + rhcos4-high-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-high-worker-configure-usbguard-auditbackend: + rhcos4-high-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-high-worker-coredump-disable-backtraces: + rhcos4-high-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coredump-disable-storage: + rhcos4-high-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-high-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-audit-option: + rhcos4-high-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-disable-interactive-boot: + rhcos4-high-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-enable-selinux-kernel-argument: + rhcos4-high-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-high-worker-coreos-nousb-kernel-argument: + rhcos4-high-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-page-poison-kernel-argument: + rhcos4-high-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-pti-kernel-argument: + rhcos4-high-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-coreos-vsyscall-kernel-argument: + rhcos4-high-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-access-var-log-audit: + rhcos4-high-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-directory-permissions-var-log-audit: + rhcos4-high-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-burstaction: + rhcos4-high-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-ctrlaltdel-reboot: + rhcos4-high-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-disable-users-coredumps: + rhcos4-high-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-enable-fips-mode: + rhcos4-high-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-high-worker-ensure-logrotate-activated: + rhcos4-high-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-file-groupowner-sshd-config: + rhcos4-high-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-owner-sshd-config: + rhcos4-high-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-ownership-var-log-audit: + rhcos4-high-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-config: + rhcos4-high-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-private-key: + rhcos4-high-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-sshd-pub-key: + rhcos4-high-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-high-worker-file-permissions-var-log-audit: + rhcos4-high-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-high-worker-kernel-module-atm-disabled: + rhcos4-high-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-bluetooth-disabled: + rhcos4-high-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-can-disabled: + rhcos4-high-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cfg80211-disabled: + rhcos4-high-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-cramfs-disabled: + rhcos4-high-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-firewire-core-disabled: + rhcos4-high-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-freevxfs-disabled: + rhcos4-high-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfs-disabled: + rhcos4-high-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-hfsplus-disabled: + rhcos4-high-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlmvm-disabled: + rhcos4-high-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-iwlwifi-disabled: + rhcos4-high-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-jffs2-disabled: + rhcos4-high-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-mac80211-disabled: + rhcos4-high-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-sctp-disabled: + rhcos4-high-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-squashfs-disabled: + rhcos4-high-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-tipc-disabled: + rhcos4-high-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-udf-disabled: + rhcos4-high-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-kernel-module-usb-storage-disabled: + rhcos4-high-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-direct-root-logins: + rhcos4-high-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-empty-passwords: + rhcos4-high-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-no-netrc-files: + rhcos4-high-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-shelllogin-for-systemaccounts: + rhcos4-high-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-high-worker-no-tmux-in-shells: + rhcos4-high-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-package-audit-installed: + rhcos4-high-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-iptables-installed: + rhcos4-high-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-iptables-nft-installed: + rhcos4-high-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-package-sudo-installed: + rhcos4-high-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-high-worker-package-usbguard-installed: + rhcos4-high-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-partition-for-var-log: + rhcos4-high-worker-partition-for-var-log: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-partition-for-var-log-audit: + rhcos4-high-worker-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-require-singleuser-auth: + rhcos4-high-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-policytype: + rhcos4-high-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-high-worker-selinux-state: + rhcos4-high-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-auditd-enabled: + rhcos4-high-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-autofs-disabled: + rhcos4-high-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-high-worker-service-bluetooth-disabled: + rhcos4-high-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-chronyd-or-ntpd-enabled: + rhcos4-high-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-high-worker-service-debug-shell-disabled: + rhcos4-high-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-sshd-disabled: + rhcos4-high-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-service-systemd-coredump-disabled: + rhcos4-high-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-service-usbguard-enabled: + rhcos4-high-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-disable-rhosts: + rhcos4-high-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-limit-user-access: + rhcos4-high-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-high-worker-sshd-set-idle-timeout: + rhcos4-high-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sshd-set-keepalive: + rhcos4-high-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-hardlinks: + rhcos4-high-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-fs-protected-symlinks: + rhcos4-high-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-core-pattern: + rhcos4-high-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-dmesg-restrict: + rhcos4-high-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-high-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-kptr-restrict: + rhcos4-high-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-high-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-high-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-high-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-high-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-high-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-high-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-high-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-high-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-high-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-usbguard-allow-hid-and-hub: + rhcos4-high-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-high-worker-wireless-disable-in-bios: + rhcos4-high-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-high-worker-wireless-disable-interfaces: + rhcos4-high-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.12.yml b/tests/assertions/ocp4/rhcos4-moderate-4.12.yml index 5bb8296d48e4..c00878a38dc4 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.12.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.13.yml b/tests/assertions/ocp4/rhcos4-moderate-4.13.yml index 4d41f02eba1b..76b211a5636b 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.13.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.14.yml b/tests/assertions/ocp4/rhcos4-moderate-4.14.yml index 4d41f02eba1b..76b211a5636b 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.14.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.15.yml b/tests/assertions/ocp4/rhcos4-moderate-4.15.yml index 4d41f02eba1b..76b211a5636b 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.15.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.16.yml b/tests/assertions/ocp4/rhcos4-moderate-4.16.yml index 3a34936c01fa..33298e9e2470 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.16.yml @@ -1,1437 +1,1437 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.17.yml b/tests/assertions/ocp4/rhcos4-moderate-4.17.yml index f41f17239c8a..275d4fc9b5df 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.17.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: PASS result_after_remediation: FAIL - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-moderate-4.18.yml b/tests/assertions/ocp4/rhcos4-moderate-4.18.yml index 6abc1ea9c4b2..d7d8d4af425f 100644 --- a/tests/assertions/ocp4/rhcos4-moderate-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-moderate-4.18.yml @@ -1,1443 +1,1443 @@ rule_results: - e2e-moderate-master-accounts-no-uid-except-zero: + rhcos4-moderate-master-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-chmod: + rhcos4-moderate-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-chown: + rhcos4-moderate-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-fchmod: + rhcos4-moderate-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchown: + rhcos4-moderate-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fchownat: + rhcos4-moderate-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lchown: + rhcos4-moderate-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-removexattr: + rhcos4-moderate-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-dac-modification-setxattr: + rhcos4-moderate-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-open: + rhcos4-moderate-master-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-group-openat: + rhcos4-moderate-master-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-open: + rhcos4-moderate-master-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-gshadow-openat: + rhcos4-moderate-master-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-open: + rhcos4-moderate-master-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-passwd-openat: + rhcos4-moderate-master-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-open: + rhcos4-moderate-master-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-master-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-etc-shadow-openat: + rhcos4-moderate-master-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-chcon: + rhcos4-moderate-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-restorecon: + rhcos4-moderate-master-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-semanage: + rhcos4-moderate-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setfiles: + rhcos4-moderate-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-setsebool: + rhcos4-moderate-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-execution-seunshare: + rhcos4-moderate-master-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rename: + rhcos4-moderate-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-immutable: + rhcos4-moderate-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-kernel-module-loading-init: + rhcos4-moderate-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-faillock: + rhcos4-moderate-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-lastlog: + rhcos4-moderate-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-login-events-tallylog: + rhcos4-moderate-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-mac-modification: + rhcos4-moderate-master-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-media-export: + rhcos4-moderate-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-networkconfig-modification: + rhcos4-moderate-master-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-at: + rhcos4-moderate-master-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chage: + rhcos4-moderate-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-chsh: + rhcos4-moderate-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-crontab: + rhcos4-moderate-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-mount: + rhcos4-moderate-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-master-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-passwd: + rhcos4-moderate-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-su: + rhcos4-moderate-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudo: + rhcos4-moderate-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-umount: + rhcos4-moderate-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-master-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-session-events: + rhcos4-moderate-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-sysadmin-actions: + rhcos4-moderate-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-adjtimex: + rhcos4-moderate-master-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-clock-settime: + rhcos4-moderate-master-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-settimeofday: + rhcos4-moderate-master-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-time-stime: + rhcos4-moderate-master-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-time-watch-localtime: + rhcos4-moderate-master-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-group: + rhcos4-moderate-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-error-action: + rhcos4-moderate-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-disk-full-action: + rhcos4-moderate-master-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-master-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-flush: + rhcos4-moderate-master-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file: + rhcos4-moderate-master-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-max-log-file-action: + rhcos4-moderate-master-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-num-logs: + rhcos4-moderate-master-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left: + rhcos4-moderate-master-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-data-retention-space-left-action: + rhcos4-moderate-master-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-freq: + rhcos4-moderate-master-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-local-events: + rhcos4-moderate-master-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-log-format: + rhcos4-moderate-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-auditd-name-format: + rhcos4-moderate-master-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-auditd-write-logs: + rhcos4-moderate-master-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-banner-etc-issue: + rhcos4-moderate-master-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-bios-disable-usb-boot: + rhcos4-moderate-master-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-chronyd-client-only: + rhcos4-moderate-master-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-no-chronyc-network: + rhcos4-moderate-master-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-master-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-master-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-crypto-policy: + rhcos4-moderate-master-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-kerberos-crypto-policy: + rhcos4-moderate-master-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-openssl-crypto-policy: + rhcos4-moderate-master-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-ssh-crypto-policy: + rhcos4-moderate-master-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-configure-usbguard-auditbackend: + rhcos4-moderate-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-master-coredump-disable-backtraces: + rhcos4-moderate-master-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coredump-disable-storage: + rhcos4-moderate-master-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-audit-option: + rhcos4-moderate-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-disable-interactive-boot: + rhcos4-moderate-master-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-coreos-nousb-kernel-argument: + rhcos4-moderate-master-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-page-poison-kernel-argument: + rhcos4-moderate-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-pti-kernel-argument: + rhcos4-moderate-master-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-coreos-vsyscall-kernel-argument: + rhcos4-moderate-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-access-var-log-audit: + rhcos4-moderate-master-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-directory-permissions-var-log-audit: + rhcos4-moderate-master-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-burstaction: + rhcos4-moderate-master-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-ctrlaltdel-reboot: + rhcos4-moderate-master-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-disable-users-coredumps: + rhcos4-moderate-master-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-enable-fips-mode: + rhcos4-moderate-master-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-ensure-logrotate-activated: + rhcos4-moderate-master-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-file-groupowner-sshd-config: + rhcos4-moderate-master-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-owner-sshd-config: + rhcos4-moderate-master-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-ownership-var-log-audit: + rhcos4-moderate-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-config: + rhcos4-moderate-master-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-private-key: + rhcos4-moderate-master-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-sshd-pub-key: + rhcos4-moderate-master-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-file-permissions-var-log-audit: + rhcos4-moderate-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-kernel-module-atm-disabled: + rhcos4-moderate-master-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-bluetooth-disabled: + rhcos4-moderate-master-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-can-disabled: + rhcos4-moderate-master-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cfg80211-disabled: + rhcos4-moderate-master-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-cramfs-disabled: + rhcos4-moderate-master-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-firewire-core-disabled: + rhcos4-moderate-master-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-freevxfs-disabled: + rhcos4-moderate-master-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfs-disabled: + rhcos4-moderate-master-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-hfsplus-disabled: + rhcos4-moderate-master-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlmvm-disabled: + rhcos4-moderate-master-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-iwlwifi-disabled: + rhcos4-moderate-master-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-jffs2-disabled: + rhcos4-moderate-master-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-mac80211-disabled: + rhcos4-moderate-master-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-sctp-disabled: + rhcos4-moderate-master-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-squashfs-disabled: + rhcos4-moderate-master-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-tipc-disabled: + rhcos4-moderate-master-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-udf-disabled: + rhcos4-moderate-master-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-kernel-module-usb-storage-disabled: + rhcos4-moderate-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-direct-root-logins: + rhcos4-moderate-master-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-empty-passwords: + rhcos4-moderate-master-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-no-netrc-files: + rhcos4-moderate-master-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-shelllogin-for-systemaccounts: + rhcos4-moderate-master-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-no-tmux-in-shells: + rhcos4-moderate-master-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-package-audit-installed: + rhcos4-moderate-master-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-iptables-installed: + rhcos4-moderate-master-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-iptables-nft-installed: + rhcos4-moderate-master-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-package-sudo-installed: + rhcos4-moderate-master-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-package-usbguard-installed: + rhcos4-moderate-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-partition-for-var-log: + rhcos4-moderate-master-partition-for-var-log: default_result: MANUAL - e2e-moderate-master-partition-for-var-log-audit: + rhcos4-moderate-master-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-master-require-singleuser-auth: + rhcos4-moderate-master-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-policytype: + rhcos4-moderate-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-selinux-state: + rhcos4-moderate-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-auditd-enabled: + rhcos4-moderate-master-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-autofs-disabled: + rhcos4-moderate-master-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-master-service-bluetooth-disabled: + rhcos4-moderate-master-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-service-debug-shell-disabled: + rhcos4-moderate-master-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-systemd-coredump-disabled: + rhcos4-moderate-master-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-service-usbguard-enabled: + rhcos4-moderate-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-disable-rhosts: + rhcos4-moderate-master-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-limit-user-access: + rhcos4-moderate-master-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-master-sshd-set-idle-timeout: + rhcos4-moderate-master-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sshd-set-keepalive: + rhcos4-moderate-master-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-hardlinks: + rhcos4-moderate-master-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-fs-protected-symlinks: + rhcos4-moderate-master-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-core-pattern: + rhcos4-moderate-master-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-master-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-kptr-restrict: + rhcos4-moderate-master-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-master-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-master-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-master-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-master-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-master-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-master-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-master-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-usbguard-allow-hid-and-hub: + rhcos4-moderate-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-master-wireless-disable-in-bios: + rhcos4-moderate-master-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-master-wireless-disable-interfaces: + rhcos4-moderate-master-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-accounts-no-uid-except-zero: + rhcos4-moderate-worker-accounts-no-uid-except-zero: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-chmod: + rhcos4-moderate-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-chown: + rhcos4-moderate-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-fchmod: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchown: + rhcos4-moderate-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fchownat: + rhcos4-moderate-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lchown: + rhcos4-moderate-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-removexattr: + rhcos4-moderate-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-dac-modification-setxattr: + rhcos4-moderate-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-open: + rhcos4-moderate-worker-audit-rules-etc-group-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-group-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-group-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-group-openat: + rhcos4-moderate-worker-audit-rules-etc-group-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-open: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-gshadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-gshadow-openat: + rhcos4-moderate-worker-audit-rules-etc-gshadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-open: + rhcos4-moderate-worker-audit-rules-etc-passwd-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-passwd-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-passwd-openat: + rhcos4-moderate-worker-audit-rules-etc-passwd-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-open: + rhcos4-moderate-worker-audit-rules-etc-shadow-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-etc-shadow-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-etc-shadow-openat: + rhcos4-moderate-worker-audit-rules-etc-shadow-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-chcon: + rhcos4-moderate-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-restorecon: + rhcos4-moderate-worker-audit-rules-execution-restorecon: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-semanage: + rhcos4-moderate-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setfiles: + rhcos4-moderate-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-setsebool: + rhcos4-moderate-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-execution-seunshare: + rhcos4-moderate-worker-audit-rules-execution-seunshare: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rename: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-renameat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-moderate-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlink: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-moderate-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-immutable: + rhcos4-moderate-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-delete: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-finit: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-kernel-module-loading-init: + rhcos4-moderate-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-faillock: + rhcos4-moderate-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-lastlog: + rhcos4-moderate-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-login-events-tallylog: + rhcos4-moderate-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-mac-modification: + rhcos4-moderate-worker-audit-rules-mac-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-media-export: + rhcos4-moderate-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-networkconfig-modification: + rhcos4-moderate-worker-audit-rules-networkconfig-modification: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-at: + rhcos4-moderate-worker-audit-rules-privileged-commands-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chage: + rhcos4-moderate-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-chsh: + rhcos4-moderate-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-crontab: + rhcos4-moderate-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-moderate-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-mount: + rhcos4-moderate-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newgrp: + rhcos4-moderate-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-newuidmap: + rhcos4-moderate-worker-audit-rules-privileged-commands-newuidmap: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-moderate-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-passwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postdrop: + rhcos4-moderate-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-postqueue: + rhcos4-moderate-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-moderate-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-moderate-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-su: + rhcos4-moderate-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudo: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-moderate-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-umount: + rhcos4-moderate-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-moderate-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-userhelper: + rhcos4-moderate-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-privileged-commands-usernetctl: + rhcos4-moderate-worker-audit-rules-privileged-commands-usernetctl: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-session-events: + rhcos4-moderate-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-sysadmin-actions: + rhcos4-moderate-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-adjtimex: + rhcos4-moderate-worker-audit-rules-time-adjtimex: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-clock-settime: + rhcos4-moderate-worker-audit-rules-time-clock-settime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-settimeofday: + rhcos4-moderate-worker-audit-rules-time-settimeofday: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-time-stime: + rhcos4-moderate-worker-audit-rules-time-stime: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-time-watch-localtime: + rhcos4-moderate-worker-audit-rules-time-watch-localtime: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-chown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-o-trunc-write: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-open-rule-order: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-creat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-o-trunc-write: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-openat-rule-order: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-moderate-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-group: + rhcos4-moderate-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-passwd: + rhcos4-moderate-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-audit-rules-usergroup-modification-shadow: + rhcos4-moderate-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-error-action: + rhcos4-moderate-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-disk-full-action: + rhcos4-moderate-worker-auditd-data-disk-full-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-admin-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-admin-space-left-action: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-flush: + rhcos4-moderate-worker-auditd-data-retention-flush: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file: + rhcos4-moderate-worker-auditd-data-retention-max-log-file: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-max-log-file-action: + rhcos4-moderate-worker-auditd-data-retention-max-log-file-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-num-logs: + rhcos4-moderate-worker-auditd-data-retention-num-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left: + rhcos4-moderate-worker-auditd-data-retention-space-left: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-data-retention-space-left-action: + rhcos4-moderate-worker-auditd-data-retention-space-left-action: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-freq: + rhcos4-moderate-worker-auditd-freq: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-local-events: + rhcos4-moderate-worker-auditd-local-events: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-log-format: + rhcos4-moderate-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-auditd-name-format: + rhcos4-moderate-worker-auditd-name-format: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-auditd-write-logs: + rhcos4-moderate-worker-auditd-write-logs: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-banner-etc-issue: + rhcos4-moderate-worker-banner-etc-issue: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-bios-disable-usb-boot: + rhcos4-moderate-worker-bios-disable-usb-boot: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-chronyd-client-only: + rhcos4-moderate-worker-chronyd-client-only: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-no-chronyc-network: + rhcos4-moderate-worker-chronyd-no-chronyc-network: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-set-maxpoll: + rhcos4-moderate-worker-chronyd-or-ntpd-set-maxpoll: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-multiple-servers: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-moderate-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-crypto-policy: + rhcos4-moderate-worker-configure-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-kerberos-crypto-policy: + rhcos4-moderate-worker-configure-kerberos-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-openssl-crypto-policy: + rhcos4-moderate-worker-configure-openssl-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-ssh-crypto-policy: + rhcos4-moderate-worker-configure-ssh-crypto-policy: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-configure-usbguard-auditbackend: + rhcos4-moderate-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-backtraces: + rhcos4-moderate-worker-coredump-disable-backtraces: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coredump-disable-storage: + rhcos4-moderate-worker-coredump-disable-storage: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-moderate-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-audit-option: + rhcos4-moderate-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-disable-interactive-boot: + rhcos4-moderate-worker-coreos-disable-interactive-boot: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-enable-selinux-kernel-argument: + rhcos4-moderate-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-coreos-nousb-kernel-argument: + rhcos4-moderate-worker-coreos-nousb-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-page-poison-kernel-argument: + rhcos4-moderate-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-pti-kernel-argument: + rhcos4-moderate-worker-coreos-pti-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-coreos-vsyscall-kernel-argument: + rhcos4-moderate-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-access-var-log-audit: + rhcos4-moderate-worker-directory-access-var-log-audit: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-directory-permissions-var-log-audit: + rhcos4-moderate-worker-directory-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-burstaction: + rhcos4-moderate-worker-disable-ctrlaltdel-burstaction: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-ctrlaltdel-reboot: + rhcos4-moderate-worker-disable-ctrlaltdel-reboot: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-disable-users-coredumps: + rhcos4-moderate-worker-disable-users-coredumps: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-enable-fips-mode: + rhcos4-moderate-worker-enable-fips-mode: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-ensure-logrotate-activated: + rhcos4-moderate-worker-ensure-logrotate-activated: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-file-groupowner-sshd-config: + rhcos4-moderate-worker-file-groupowner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-owner-sshd-config: + rhcos4-moderate-worker-file-owner-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-ownership-var-log-audit: + rhcos4-moderate-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-config: + rhcos4-moderate-worker-file-permissions-sshd-config: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-private-key: + rhcos4-moderate-worker-file-permissions-sshd-private-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-sshd-pub-key: + rhcos4-moderate-worker-file-permissions-sshd-pub-key: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-file-permissions-var-log-audit: + rhcos4-moderate-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-kernel-module-atm-disabled: + rhcos4-moderate-worker-kernel-module-atm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-bluetooth-disabled: + rhcos4-moderate-worker-kernel-module-bluetooth-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-can-disabled: + rhcos4-moderate-worker-kernel-module-can-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cfg80211-disabled: + rhcos4-moderate-worker-kernel-module-cfg80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-cramfs-disabled: + rhcos4-moderate-worker-kernel-module-cramfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-firewire-core-disabled: + rhcos4-moderate-worker-kernel-module-firewire-core-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-freevxfs-disabled: + rhcos4-moderate-worker-kernel-module-freevxfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfs-disabled: + rhcos4-moderate-worker-kernel-module-hfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-hfsplus-disabled: + rhcos4-moderate-worker-kernel-module-hfsplus-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlmvm-disabled: + rhcos4-moderate-worker-kernel-module-iwlmvm-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-iwlwifi-disabled: + rhcos4-moderate-worker-kernel-module-iwlwifi-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-jffs2-disabled: + rhcos4-moderate-worker-kernel-module-jffs2-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-mac80211-disabled: + rhcos4-moderate-worker-kernel-module-mac80211-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-sctp-disabled: + rhcos4-moderate-worker-kernel-module-sctp-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-squashfs-disabled: + rhcos4-moderate-worker-kernel-module-squashfs-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-tipc-disabled: + rhcos4-moderate-worker-kernel-module-tipc-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-udf-disabled: + rhcos4-moderate-worker-kernel-module-udf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-kernel-module-usb-storage-disabled: + rhcos4-moderate-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-direct-root-logins: + rhcos4-moderate-worker-no-direct-root-logins: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-empty-passwords: + rhcos4-moderate-worker-no-empty-passwords: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-no-netrc-files: + rhcos4-moderate-worker-no-netrc-files: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-shelllogin-for-systemaccounts: + rhcos4-moderate-worker-no-shelllogin-for-systemaccounts: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-no-tmux-in-shells: + rhcos4-moderate-worker-no-tmux-in-shells: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-package-audit-installed: + rhcos4-moderate-worker-package-audit-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-iptables-installed: + rhcos4-moderate-worker-package-iptables-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-iptables-nft-installed: + rhcos4-moderate-worker-package-iptables-nft-installed: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-package-sudo-installed: + rhcos4-moderate-worker-package-sudo-installed: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-package-usbguard-installed: + rhcos4-moderate-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-partition-for-var-log: + rhcos4-moderate-worker-partition-for-var-log: default_result: MANUAL - e2e-moderate-worker-partition-for-var-log-audit: + rhcos4-moderate-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-moderate-worker-require-singleuser-auth: + rhcos4-moderate-worker-require-singleuser-auth: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-policytype: + rhcos4-moderate-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-selinux-state: + rhcos4-moderate-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-auditd-enabled: + rhcos4-moderate-worker-service-auditd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-autofs-disabled: + rhcos4-moderate-worker-service-autofs-disabled: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE - e2e-moderate-worker-service-bluetooth-disabled: + rhcos4-moderate-worker-service-bluetooth-disabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-chronyd-or-ntpd-enabled: + rhcos4-moderate-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-service-debug-shell-disabled: + rhcos4-moderate-worker-service-debug-shell-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-systemd-coredump-disabled: + rhcos4-moderate-worker-service-systemd-coredump-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-service-usbguard-enabled: + rhcos4-moderate-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-disable-rhosts: + rhcos4-moderate-worker-sshd-disable-rhosts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-limit-user-access: + rhcos4-moderate-worker-sshd-limit-user-access: default_result: FAIL result_after_remediation: FAIL - e2e-moderate-worker-sshd-set-idle-timeout: + rhcos4-moderate-worker-sshd-set-idle-timeout: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sshd-set-keepalive: + rhcos4-moderate-worker-sshd-set-keepalive: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-hardlinks: + rhcos4-moderate-worker-sysctl-fs-protected-hardlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-fs-protected-symlinks: + rhcos4-moderate-worker-sysctl-fs-protected-symlinks: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-core-pattern: + rhcos4-moderate-worker-sysctl-kernel-core-pattern: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-dmesg-restrict: + rhcos4-moderate-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kexec-load-disabled: + rhcos4-moderate-worker-sysctl-kernel-kexec-load-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-kptr-restrict: + rhcos4-moderate-worker-sysctl-kernel-kptr-restrict: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-moderate-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: + rhcos4-moderate-worker-sysctl-kernel-unprivileged-bpf-disabled: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-kernel-yama-ptrace-scope: + rhcos4-moderate-worker-sysctl-kernel-yama-ptrace-scope: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-core-bpf-jit-harden: + rhcos4-moderate-worker-sysctl-net-core-bpf-jit-harden: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-all-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-accept-source-route: default_result: PASS result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-log-martians: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-rp-filter: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-secure-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: + rhcos4-moderate-worker-sysctl-net-ipv4-conf-default-send-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-echo-ignore-broadcasts: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: + rhcos4-moderate-worker-sysctl-net-ipv4-icmp-ignore-bogus-error-responses: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv4-tcp-syncookies: + rhcos4-moderate-worker-sysctl-net-ipv4-tcp-syncookies: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-all-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-ra: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-redirects: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: + rhcos4-moderate-worker-sysctl-net-ipv6-conf-default-accept-source-route: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-usbguard-allow-hid-and-hub: + rhcos4-moderate-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-moderate-worker-wireless-disable-in-bios: + rhcos4-moderate-worker-wireless-disable-in-bios: default_result: MANUAL result_after_remediation: MANUAL - e2e-moderate-worker-wireless-disable-interfaces: + rhcos4-moderate-worker-wireless-disable-interfaces: default_result: NOT-APPLICABLE result_after_remediation: NOT-APPLICABLE diff --git a/tests/assertions/ocp4/rhcos4-stig-4.12.yml b/tests/assertions/ocp4/rhcos4-stig-4.12.yml index 5cddafa620f8..dca99a155b90 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.12.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.12.yml @@ -1,715 +1,715 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL result_after_remediation: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.13.yml b/tests/assertions/ocp4/rhcos4-stig-4.13.yml index 163672d3104b..bb0d854e72e8 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.13.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.13.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.14.yml b/tests/assertions/ocp4/rhcos4-stig-4.14.yml index 163672d3104b..bb0d854e72e8 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.14.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.14.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.15.yml b/tests/assertions/ocp4/rhcos4-stig-4.15.yml index 163672d3104b..bb0d854e72e8 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.15.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.15.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.16.yml b/tests/assertions/ocp4/rhcos4-stig-4.16.yml index 163672d3104b..bb0d854e72e8 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.16.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.16.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.17.yml b/tests/assertions/ocp4/rhcos4-stig-4.17.yml index 163672d3104b..bb0d854e72e8 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.17.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.17.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS diff --git a/tests/assertions/ocp4/rhcos4-stig-4.18.yml b/tests/assertions/ocp4/rhcos4-stig-4.18.yml index 163672d3104b..bb0d854e72e8 100644 --- a/tests/assertions/ocp4/rhcos4-stig-4.18.yml +++ b/tests/assertions/ocp4/rhcos4-stig-4.18.yml @@ -1,713 +1,713 @@ rule_results: - e2e-stig-master-audit-access-failed: + rhcos4-stig-master-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-create-failed: + rhcos4-stig-master-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-delete-failed: + rhcos4-stig-master-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-immutable-login-uids: + rhcos4-stig-master-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-modify-failed: + rhcos4-stig-master-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-chmod: + rhcos4-stig-master-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-chown: + rhcos4-stig-master-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-fchmod: + rhcos4-stig-master-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchmodat: + rhcos4-stig-master-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchown: + rhcos4-stig-master-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fchownat: + rhcos4-stig-master-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lchown: + rhcos4-stig-master-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-master-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-master-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-removexattr: + rhcos4-stig-master-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-setxattr: + rhcos4-stig-master-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount: + rhcos4-stig-master-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-dac-modification-umount2: + rhcos4-stig-master-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-chcon: + rhcos4-stig-master-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-semanage: + rhcos4-stig-master-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setfiles: + rhcos4-stig-master-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-execution-setsebool: + rhcos4-stig-master-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rename: + rhcos4-stig-master-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-renameat: + rhcos4-stig-master-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-master-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlink: + rhcos4-stig-master-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-master-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-immutable: + rhcos4-stig-master-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-delete: + rhcos4-stig-master-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-finit: + rhcos4-stig-master-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-kernel-module-loading-init: + rhcos4-stig-master-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-faillock: + rhcos4-stig-master-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-lastlog: + rhcos4-stig-master-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-login-events-tallylog: + rhcos4-stig-master-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-media-export: + rhcos4-stig-master-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chage: + rhcos4-stig-master-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-chsh: + rhcos4-stig-master-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-crontab: + rhcos4-stig-master-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-master-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-master-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-master-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-master-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount: + rhcos4-stig-master-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-master-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-newgrp: + rhcos4-stig-master-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-master-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-passwd: + rhcos4-stig-master-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pkexec: + rhcos4-stig-master-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-master-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postdrop: + rhcos4-stig-master-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-postqueue: + rhcos4-stig-master-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-master-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-master-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-master-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-su: + rhcos4-stig-master-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudo: + rhcos4-stig-master-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-master-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-umount: + rhcos4-stig-master-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-master-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-userhelper: + rhcos4-stig-master-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-utempter: + rhcos4-stig-master-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-privileged-commands-write: + rhcos4-stig-master-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-session-events: + rhcos4-stig-master-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-sysadmin-actions: + rhcos4-stig-master-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-master-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification: + rhcos4-stig-master-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-group: + rhcos4-stig-master-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-master-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-master-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-passwd: + rhcos4-stig-master-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-audit-rules-usergroup-modification-shadow: + rhcos4-stig-master-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-disk-error-action: + rhcos4-stig-master-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-master-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-master-auditd-log-format: + rhcos4-stig-master-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-master-bios-enable-execution-restrictions: + rhcos4-stig-master-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-master-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-master-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-master-configure-usbguard-auditbackend: + rhcos4-stig-master-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-master-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-master-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-audit-option: + rhcos4-stig-master-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-enable-selinux-kernel-argument: + rhcos4-stig-master-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-master-coreos-page-poison-kernel-argument: + rhcos4-stig-master-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-slub-debug-kernel-argument: + rhcos4-stig-master-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-coreos-vsyscall-kernel-argument: + rhcos4-stig-master-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-file-groupowner-system-journal: + rhcos4-stig-master-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-groupowner-var-log: + rhcos4-stig-master-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-system-journal: + rhcos4-stig-master-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-owner-var-log: + rhcos4-stig-master-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-ownership-var-log-audit: + rhcos4-stig-master-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-system-journal: + rhcos4-stig-master-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log: + rhcos4-stig-master-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-master-file-permissions-var-log-audit: + rhcos4-stig-master-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-master-kernel-module-usb-storage-disabled: + rhcos4-stig-master-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-package-usbguard-installed: + rhcos4-stig-master-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-partition-for-var-log-audit: + rhcos4-stig-master-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-master-selinux-policytype: + rhcos4-stig-master-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-master-selinux-state: + rhcos4-stig-master-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-chronyd-or-ntpd-enabled: + rhcos4-stig-master-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-master-service-sshd-disabled: + rhcos4-stig-master-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-service-usbguard-enabled: + rhcos4-stig-master-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sshd-disable-root-login: + rhcos4-stig-master-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-dmesg-restrict: + rhcos4-stig-master-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-master-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-sysctl-kernel-randomize-va-space: + rhcos4-stig-master-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-master-usbguard-allow-hid-and-hub: + rhcos4-stig-master-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-access-failed: + rhcos4-stig-worker-audit-access-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-create-failed: + rhcos4-stig-worker-audit-create-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-delete-failed: + rhcos4-stig-worker-audit-delete-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-immutable-login-uids: + rhcos4-stig-worker-audit-immutable-login-uids: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-modify-failed: + rhcos4-stig-worker-audit-modify-failed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-chmod: + rhcos4-stig-worker-audit-rules-dac-modification-chmod: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-chown: + rhcos4-stig-worker-audit-rules-dac-modification-chown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-fchmod: + rhcos4-stig-worker-audit-rules-dac-modification-fchmod: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchmodat: + rhcos4-stig-worker-audit-rules-dac-modification-fchmodat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchown: + rhcos4-stig-worker-audit-rules-dac-modification-fchown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fchownat: + rhcos4-stig-worker-audit-rules-dac-modification-fchownat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-fremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-fsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-fsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lchown: + rhcos4-stig-worker-audit-rules-dac-modification-lchown: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-dac-modification-lremovexattr: + rhcos4-stig-worker-audit-rules-dac-modification-lremovexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-lsetxattr: + rhcos4-stig-worker-audit-rules-dac-modification-lsetxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-removexattr: + rhcos4-stig-worker-audit-rules-dac-modification-removexattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-setxattr: + rhcos4-stig-worker-audit-rules-dac-modification-setxattr: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount: + rhcos4-stig-worker-audit-rules-dac-modification-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-dac-modification-umount2: + rhcos4-stig-worker-audit-rules-dac-modification-umount2: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-chcon: + rhcos4-stig-worker-audit-rules-execution-chcon: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-semanage: + rhcos4-stig-worker-audit-rules-execution-semanage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setfiles: + rhcos4-stig-worker-audit-rules-execution-setfiles: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-execution-setsebool: + rhcos4-stig-worker-audit-rules-execution-setsebool: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rename: + rhcos4-stig-worker-audit-rules-file-deletion-events-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-renameat: + rhcos4-stig-worker-audit-rules-file-deletion-events-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-file-deletion-events-rmdir: + rhcos4-stig-worker-audit-rules-file-deletion-events-rmdir: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlink: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-file-deletion-events-unlinkat: + rhcos4-stig-worker-audit-rules-file-deletion-events-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-immutable: + rhcos4-stig-worker-audit-rules-immutable: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-delete: + rhcos4-stig-worker-audit-rules-kernel-module-loading-delete: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-finit: + rhcos4-stig-worker-audit-rules-kernel-module-loading-finit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-kernel-module-loading-init: + rhcos4-stig-worker-audit-rules-kernel-module-loading-init: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-faillock: + rhcos4-stig-worker-audit-rules-login-events-faillock: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-lastlog: + rhcos4-stig-worker-audit-rules-login-events-lastlog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-login-events-tallylog: + rhcos4-stig-worker-audit-rules-login-events-tallylog: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-media-export: + rhcos4-stig-worker-audit-rules-media-export: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chage: + rhcos4-stig-worker-audit-rules-privileged-commands-chage: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-chsh: + rhcos4-stig-worker-audit-rules-privileged-commands-chsh: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-crontab: + rhcos4-stig-worker-audit-rules-privileged-commands-crontab: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-dbus-daemon-launch-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-fusermount3: + rhcos4-stig-worker-audit-rules-privileged-commands-fusermount3: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-gpasswd: + rhcos4-stig-worker-audit-rules-privileged-commands-gpasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: + rhcos4-stig-worker-audit-rules-privileged-commands-grub2-set-bootflag: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount: + rhcos4-stig-worker-audit-rules-privileged-commands-mount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-mount-nfs: + rhcos4-stig-worker-audit-rules-privileged-commands-mount-nfs: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-newgrp: + rhcos4-stig-worker-audit-rules-privileged-commands-newgrp: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: + rhcos4-stig-worker-audit-rules-privileged-commands-pam-timestamp-check: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-passwd: + rhcos4-stig-worker-audit-rules-privileged-commands-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pkexec: + rhcos4-stig-worker-audit-rules-privileged-commands-pkexec: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-polkit-helper: + rhcos4-stig-worker-audit-rules-privileged-commands-polkit-helper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postdrop: + rhcos4-stig-worker-audit-rules-privileged-commands-postdrop: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-postqueue: + rhcos4-stig-worker-audit-rules-privileged-commands-postqueue: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-pt-chown: + rhcos4-stig-worker-audit-rules-privileged-commands-pt-chown: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-ssh-keysign: + rhcos4-stig-worker-audit-rules-privileged-commands-ssh-keysign: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-krb5-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-ldap-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-proxy-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: + rhcos4-stig-worker-audit-rules-privileged-commands-sssd-selinux-child: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-su: + rhcos4-stig-worker-audit-rules-privileged-commands-su: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudo: + rhcos4-stig-worker-audit-rules-privileged-commands-sudo: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-sudoedit: + rhcos4-stig-worker-audit-rules-privileged-commands-sudoedit: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-umount: + rhcos4-stig-worker-audit-rules-privileged-commands-umount: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-unix-chkpwd: + rhcos4-stig-worker-audit-rules-privileged-commands-unix-chkpwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-userhelper: + rhcos4-stig-worker-audit-rules-privileged-commands-userhelper: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-utempter: + rhcos4-stig-worker-audit-rules-privileged-commands-utempter: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-privileged-commands-write: + rhcos4-stig-worker-audit-rules-privileged-commands-write: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-session-events: + rhcos4-stig-worker-audit-rules-session-events: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-sysadmin-actions: + rhcos4-stig-worker-audit-rules-sysadmin-actions: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-creat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-creat: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-ftruncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-open-by-handle-at: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-openat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-openat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-rename: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-rename: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-renameat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-renameat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-truncate: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-truncate: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlink: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlink: default_result: FAIL or NOT-APPLICABLE result_after_remediation: PASS or NOT-APPLICABLE - e2e-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: + rhcos4-stig-worker-audit-rules-unsuccessful-file-modification-unlinkat: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification: + rhcos4-stig-worker-audit-rules-usergroup-modification: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-group: + rhcos4-stig-worker-audit-rules-usergroup-modification-group: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-gshadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-gshadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-opasswd: + rhcos4-stig-worker-audit-rules-usergroup-modification-opasswd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-passwd: + rhcos4-stig-worker-audit-rules-usergroup-modification-passwd: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-audit-rules-usergroup-modification-shadow: + rhcos4-stig-worker-audit-rules-usergroup-modification-shadow: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-disk-error-action: + rhcos4-stig-worker-auditd-data-disk-error-action: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-auditd-data-retention-max-log-file-action-stig: + rhcos4-stig-worker-auditd-data-retention-max-log-file-action-stig: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-auditd-log-format: + rhcos4-stig-worker-auditd-log-format: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-bios-enable-execution-restrictions: + rhcos4-stig-worker-bios-enable-execution-restrictions: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-chronyd-or-ntpd-specify-remote-server: + rhcos4-stig-worker-chronyd-or-ntpd-specify-remote-server: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-configure-usbguard-auditbackend: + rhcos4-stig-worker-configure-usbguard-auditbackend: default_result: NOT-APPLICABLE result_after_remediation: PASS - e2e-stig-worker-coreos-audit-backlog-limit-kernel-argument: + rhcos4-stig-worker-coreos-audit-backlog-limit-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-audit-option: + rhcos4-stig-worker-coreos-audit-option: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-enable-selinux-kernel-argument: + rhcos4-stig-worker-coreos-enable-selinux-kernel-argument: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-coreos-page-poison-kernel-argument: + rhcos4-stig-worker-coreos-page-poison-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-slub-debug-kernel-argument: + rhcos4-stig-worker-coreos-slub-debug-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-coreos-vsyscall-kernel-argument: + rhcos4-stig-worker-coreos-vsyscall-kernel-argument: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-file-groupowner-system-journal: + rhcos4-stig-worker-file-groupowner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-groupowner-var-log: + rhcos4-stig-worker-file-groupowner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-system-journal: + rhcos4-stig-worker-file-owner-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-owner-var-log: + rhcos4-stig-worker-file-owner-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-ownership-var-log-audit: + rhcos4-stig-worker-file-ownership-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-system-journal: + rhcos4-stig-worker-file-permissions-system-journal: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log: + rhcos4-stig-worker-file-permissions-var-log: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-file-permissions-var-log-audit: + rhcos4-stig-worker-file-permissions-var-log-audit: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-kernel-module-usb-storage-disabled: + rhcos4-stig-worker-kernel-module-usb-storage-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-package-usbguard-installed: + rhcos4-stig-worker-package-usbguard-installed: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-partition-for-var-log-audit: + rhcos4-stig-worker-partition-for-var-log-audit: default_result: MANUAL - e2e-stig-worker-selinux-policytype: + rhcos4-stig-worker-selinux-policytype: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-selinux-state: + rhcos4-stig-worker-selinux-state: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-chronyd-or-ntpd-enabled: + rhcos4-stig-worker-service-chronyd-or-ntpd-enabled: default_result: PASS result_after_remediation: PASS - e2e-stig-worker-service-sshd-disabled: + rhcos4-stig-worker-service-sshd-disabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-service-usbguard-enabled: + rhcos4-stig-worker-service-usbguard-enabled: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sshd-disable-root-login: + rhcos4-stig-worker-sshd-disable-root-login: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-dmesg-restrict: + rhcos4-stig-worker-sysctl-kernel-dmesg-restrict: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-perf-event-paranoid: + rhcos4-stig-worker-sysctl-kernel-perf-event-paranoid: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-sysctl-kernel-randomize-va-space: + rhcos4-stig-worker-sysctl-kernel-randomize-va-space: default_result: FAIL result_after_remediation: PASS - e2e-stig-worker-usbguard-allow-hid-and-hub: + rhcos4-stig-worker-usbguard-allow-hid-and-hub: default_result: FAIL result_after_remediation: PASS